An attribute-based mutual authentication scheme with time-bounded keys

Abstract

Remote user authentication scheme is an important technique for securely accessing the resources of servers. Traditionally, password-based authentication schemes are commonly adopted mechanisms, i.e., a user first chooses a password and then registers to the server for becoming a legitimate member. Nevertheless, such schemes are vulnerable to password guessing attacks and a remote server might have to maintain a password table for verifying users. In recent years, attribute-based cryptosystems have been received much attention. An attribute-based authentication scheme allows a remote system to verify a user's membership according to his/her owned attribute sets without using passwords. In 2015, Yun et al. proposed an improved attribute-based authentication protocol by utilizing Shamir's secret sharing technique. Their protocol is secure against man-in-the-middle, replay and collusion attacks. However, we find out that their scheme only achieves one-way authentication rather than mutual authentication. In this paper, we extend their work to further fulfill the crucial property of mutual authentication. Moreover, we incorporate the concept of time-bounded keys into the extended variant for providing more flexible applications in the real world.