An efficient remote mutual authentication scheme using smart mobile phone over insecure networks

2015 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA) Pub Date : 2015-06-08 DOI:10.1109/CyberSA.2015.7166114

Ruhul Amin, S. H. Islam, G. P. Biswas, M. Khan

{"title":"An efficient remote mutual authentication scheme using smart mobile phone over insecure networks","authors":"Ruhul Amin, S. H. Islam, G. P. Biswas, M. Khan","doi":"10.1109/CyberSA.2015.7166114","DOIUrl":null,"url":null,"abstract":"To establish a secure connection between a mobile user and a remote server, this paper presents a session key agreement scheme through remote mutual authentication protocol by using mobile application software(MAS). We analyzed the security of our protocol informally, which confirms that the protocol is secure against all the relevant security attacks including off-line identity-password guessing attacks, user-server impersonation attacks, and insider attack. In addition, the widely accepted simulator tool AVISPA simulates the proposed protocol and confirms that the protocol is SAFE under the OFMC and CL-AtSe back-ends. Our protocol not only provide strong security against the relevant attacks, but it also achieves proper mutual authentication, user anonymity, known key secrecy and efficient password change operation. The performance comparison is also performed, which ensures that the protocol is efficient in terms of computation and communication costs.","PeriodicalId":432356,"journal":{"name":"2015 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA)","volume":"19 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-06-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"8","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CyberSA.2015.7166114","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 8

Abstract

To establish a secure connection between a mobile user and a remote server, this paper presents a session key agreement scheme through remote mutual authentication protocol by using mobile application software(MAS). We analyzed the security of our protocol informally, which confirms that the protocol is secure against all the relevant security attacks including off-line identity-password guessing attacks, user-server impersonation attacks, and insider attack. In addition, the widely accepted simulator tool AVISPA simulates the proposed protocol and confirms that the protocol is SAFE under the OFMC and CL-AtSe back-ends. Our protocol not only provide strong security against the relevant attacks, but it also achieves proper mutual authentication, user anonymity, known key secrecy and efficient password change operation. The performance comparison is also performed, which ensures that the protocol is efficient in terms of computation and communication costs.

查看原文本刊更多论文

利用智能手机在不安全网络上实现高效的远程互认证方案

为了在移动用户和远程服务器之间建立安全连接，本文提出了一种利用移动应用软件(MAS)通过远程相互认证协议的会话密钥协商方案。我们非正式地分析了我们的协议的安全性，确认该协议对所有相关的安全攻击都是安全的，包括离线身份密码猜测攻击，用户服务器模拟攻击和内部攻击。此外，广泛接受的模拟器工具AVISPA模拟了提议的协议，并确认该协议在OFMC和CL-AtSe后端是SAFE的。我们的协议不仅对相关攻击提供了强大的安全性，而且还实现了适当的相互认证、用户匿名、已知密钥保密和高效的密码修改操作。并进行了性能比较，以确保协议在计算和通信成本方面是有效的。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2015 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA)

自引率

0.00%

发文量