A provably secure multi-server authentication scheme based on Chebyshev chaotic map

IF 3.8 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications Pub Date : 2024-05-23 DOI:10.1016/j.jisa.2024.103788

Rui Chen , Yongcong Mou , Wei Li

{"title":"A provably secure multi-server authentication scheme based on Chebyshev chaotic map","authors":"Rui Chen , Yongcong Mou , Wei Li","doi":"10.1016/j.jisa.2024.103788","DOIUrl":null,"url":null,"abstract":"<div><p>The Internet provides us a lot of online services. Under the conventional single-server architectures, remote users must register separately on each visited server to obtain the required services. In contrast, with a multi-server architecture, users can freely access subscribed services from multiple servers by registering at a single registration center (<span><math><mrow><mi>R</mi><mi>C</mi></mrow></math></span>). Currently, biometrics are widely applied in user authentication schemes to improve their security. Combining with biometric authentication techniques, we present an anonymous authentication scheme by using Chebyshev chaotic map to achieve authentication of both communicating parties in multi-server scenario. The core point of this new scheme is the use of chaotic mapping to achieve mutual authentication instead of time-consuming authentication methods, thus leading to higher efficiency. Based on the widely used Real-Or-Random(ROR) model and the Proverif tool, we perform a formal security analysis of the proposed scheme. In addition, the comparison of security attributes and performance with other related works indicates that the new scheme can withstand various attacks and better suited to multi-server application scenarios.</p></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"83 ","pages":"Article 103788"},"PeriodicalIF":3.8000,"publicationDate":"2024-05-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Information Security and Applications","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2214212624000917","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

The Internet provides us a lot of online services. Under the conventional single-server architectures, remote users must register separately on each visited server to obtain the required services. In contrast, with a multi-server architecture, users can freely access subscribed services from multiple servers by registering at a single registration center ( $R C$ ). Currently, biometrics are widely applied in user authentication schemes to improve their security. Combining with biometric authentication techniques, we present an anonymous authentication scheme by using Chebyshev chaotic map to achieve authentication of both communicating parties in multi-server scenario. The core point of this new scheme is the use of chaotic mapping to achieve mutual authentication instead of time-consuming authentication methods, thus leading to higher efficiency. Based on the widely used Real-Or-Random(ROR) model and the Proverif tool, we perform a formal security analysis of the proposed scheme. In addition, the comparison of security attributes and performance with other related works indicates that the new scheme can withstand various attacks and better suited to multi-server application scenarios.

查看原文本刊更多论文

基于切比雪夫混沌图的可证明安全的多服务器验证方案

互联网为我们提供了大量在线服务。在传统的单服务器架构下，远程用户必须在每个访问的服务器上分别注册，才能获得所需的服务。相比之下，在多服务器架构下，用户只需在一个注册中心（RC）注册，就能自由访问多个服务器上的订阅服务。目前，生物识别技术被广泛应用于用户身份验证方案，以提高其安全性。结合生物识别身份验证技术，我们提出了一种匿名身份验证方案，利用切比雪夫混沌图实现多服务器场景下通信双方的身份验证。这种新方案的核心要点是利用混沌映射实现相互认证，而不是采用耗时的认证方法，从而提高了效率。基于广泛使用的真实或随机（ROR）模型和 Proverif 工具，我们对提出的方案进行了正式的安全分析。此外，通过与其他相关著作的安全属性和性能比较，我们发现新方案可以抵御各种攻击，更适合多服务器应用场景。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Information Security and Applications Computer Science-Computer Networks and Communications

CiteScore

10.90

自引率

5.40%

发文量

206

审稿时长

56 days

期刊介绍： Journal of Information Security and Applications (JISA) focuses on the original research and practice-driven applications with relevance to information security and applications. JISA provides a common linkage between a vibrant scientific and research community and industry professionals by offering a clear view on modern problems and challenges in information security, as well as identifying promising scientific and "best-practice" solutions. JISA issues offer a balance between original research work and innovative industrial approaches by internationally renowned information security experts and researchers.