Abstract

To improve the security of authentication systems and strengthen privacy protection in the mobile Internet environment, this paper proposes a provably secure Chebyshev chaotic map (CCM)-based authentication scheme (CCMbAS). The proposed scheme transforms the traditional public key of the Chebyshev chaotic map into a private key and combines two private keys to compute a one-time key that encrypts the authentication information. The scheme is verified with a BAN logic security analysis and the ProVerif simulation tool. The verification results indicate that the scheme resists the attacks considered in the security analysis. Compared with similar schemes, the proposed scheme is more efficient and secure. The security analysis shows that the proposed scheme can fulfil the security demands and protect user information in the mobile Internet environment.

1. Introduction

The mobile Internet is the Internet, together with its services, accessed through a mobile network. It is characterised by openness and complexity. With the rapid upgrading of mobile communication and the wide deployment of intelligent terminals, the application services provided by the mobile Internet are increasingly widespread; at the same time, the network environment is increasingly complex. Identity authentication is the first line of defence of an information system: it guarantees the security of system data and user information in a complex network environment and plays a key role in application systems.

Aiming to address the security threats to identity authentication systems and to protect users' private information, Zhu et al. [1] proposed a biometrics-based multi-server key agreement scheme (BbKAS) on a chaotic map cryptosystem. The encryption key of that scheme is not secure enough: an attacker who intercepts the transmitted messages can recover the encryption key by a dictionary attack and then decrypt the encrypted information. Jiang et al. [2] proposed a new three-factor scheme. Ali et al. [3] proposed a three-factor identity authentication scheme based on the RSA encryption algorithm.

To reduce the computational cost, Dong et al. [4] proposed a biometric verification-based authentication scheme (BVbAS) using the Chebyshev chaotic map. The design of the scheme is unreasonable because the registration centre must distribute all relevant information about every user and server to each other party before any authentication request can be made; otherwise, authentication cannot be performed. This design can cause a sharp increase in the communication cost of the system.

In general, the schemes can be classified into five groups in terms of the underlying intractability problem: based on the discrete-logarithm problem [5-8], based on pairings [9, 10], based on chaotic maps [11-13], based on the integer-factorization problem [14], and based on hash functions [15-18]. Among them, schemes based on elliptic curve bilinear pairings, such as the robust provably secure privacy-preserving authentication protocol (PpAP) for the Industrial Internet of Things [10], usually require a large computation cost. Chaotic cryptography has become increasingly popular due to its lower computational complexity and the security of its asymmetric keys [19]. In view of the computing and security advantages of chaotic cryptography, CCMbAS is proposed to solve the problems of the above schemes.

2.1. Fuzzy Extractor

To resolve the conflict between the variability of extracted biometric feature data and the exact-input requirement of traditional cryptography, Dodis et al. proposed the fuzzy extractor [20]. The construction keeps the output numerically consistent when the extracted biometric features differ slightly.

A fuzzy extractor consists of a generation function and a reproduction function ; is a probabilistic generation function. When the user inputs a biometric feature , the function generates a random string of fixed length () and a public reproduction parameter (an auxiliary, or helper, string), namely, ; is a deterministic reproduction function that recovers the biometric key from the input biometric feature and the corresponding public reproduction parameter . If the Hamming distance between and is within the preset fault-tolerance threshold, . Both and run in polynomial time, so the fuzzy extractor is efficient. Without the original biometric feature, the biometric key cannot be computed from the public reproduction parameter alone [4], provided the biometric source has enough min-entropy to survive the entropy loss caused by publishing the helper string.
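The Gen/Rep behaviour described above, shown in a runnable toy construction. This is an added example, not the extractor of [20] or the paper's own code: it uses the code-offset secure sketch with a 5-fold bit-repetition code over an 80-bit template (both parameters are assumptions chosen for illustration) and SHA-256 as the strong-extractor step; real deployments use a proper error-correcting code such as BCH.

```python
"""Toy fuzzy extractor: code-offset secure sketch + repetition code + SHA-256.
Added example; not the construction of Dodis et al. [20] or of the paper."""
import hashlib
import secrets

REP = 5          # ASSUMPTION: each key bit repeated 5 times -> tolerates 2 flips per block
NBLOCKS = 16     # ASSUMPTION: 16 key bits, so the template w has 80 bits
N_BITS = REP * NBLOCKS


def _encode(bits):
    """Repetition code C(s): every bit of s becomes REP identical code bits."""
    return [b for b in bits for _ in range(REP)]


def _decode(codeword):
    """Majority vote in each REP-bit block; wrong if > REP//2 bits of a block flipped."""
    return [int(sum(codeword[i:i + REP]) > REP // 2)
            for i in range(0, len(codeword), REP)]


def hamming(a, b):
    """Hamming distance between two equal-length bit lists."""
    return sum(x != y for x, y in zip(a, b))


def gen(w):
    """Gen(w) -> (R, P).  R: biometric key.  P: public helper string = w XOR C(s),
    which hides the random s behind the (high-entropy) template w."""
    assert len(w) == N_BITS
    s = [secrets.randbelow(2) for _ in range(NBLOCKS)]
    helper = [wi ^ ci for wi, ci in zip(w, _encode(s))]
    key = hashlib.sha256(bytes(s)).digest()     # strong-extractor step on s
    return key, helper


def rep(w_prime, helper):
    """Rep(w', P) -> R.  w' XOR P = C(s) XOR (w XOR w'): the codeword plus the noise
    between the two readings; decoding removes the noise if it is within tolerance."""
    noisy_codeword = [wi ^ pi for wi, pi in zip(w_prime, helper)]
    return hashlib.sha256(bytes(_decode(noisy_codeword))).digest()


def demo(flips):
    """Enrol a random template, flip the listed bit positions in the second reading,
    and report (Hamming distance, whether Rep reproduced Gen's key)."""
    w = [secrets.randbelow(2) for _ in range(N_BITS)]
    key, helper = gen(w)
    w_prime = list(w)
    for i in flips:
        w_prime[i] ^= 1
    return hamming(w, w_prime), rep(w_prime, helper) == key


if __name__ == "__main__":
    print(demo([0, 5, 10, 77]))   # one flip in each of four blocks: (4, True)
    print(demo([0, 1, 2]))        # three flips inside one block: (3, False)
```

Rep reproduces the key as long as no 5-bit block carries more than two flipped bits; three flips inside a single block overturn the majority vote and yield a different key even though the total Hamming distance is smaller than in the successful case, so the tolerance is a property of the code, not a single global threshold. The helper string reveals w XOR C(s), so each block leaks four bits of w: the statement in the text that the key cannot be reproduced from the public parameter alone holds only if the biometric source retains enough min-entropy after that loss.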

Fuzzy extractors combine naturally with cryptography in the field of authentication, and in recent years they have been used in many multi-factor authentication schemes [21-25].

2.2. Chebyshev Map

Definition 1. The Chebyshev polynomial Tn is the polynomial of degree n in x, where is a natural number, , and .
According to the trigonometric identities, the iterative relation of the Chebyshev polynomials can be obtained as follows: , , …, .

Definition 2. A cryptosystem based on the Chebyshev polynomial over the real interval carries the risk that the session key is compromised. To remedy this defect, Zhang et al. [26] extended the domain of from to in 2008, giving the extended Chebyshev polynomial:where , , and is a big prime number. It still has the semigroup property:
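The recurrence, its reduction modulo the prime, and the semigroup property written out in standard notation, with one small numerical check. This is an added illustration, not the original's equations; the modulus p = 101 and seed x = 3 are chosen only so the arithmetic can be followed by hand.

$$T_0(x) = 1,\qquad T_1(x) = x,\qquad T_n(x) \equiv 2x\,T_{n-1}(x) - T_{n-2}(x) \pmod p,\quad n \ge 2,$$

$$T_r\bigl(T_s(x)\bigr) \equiv T_{rs}(x) \equiv T_s\bigl(T_r(x)\bigr) \pmod p .$$

With $p = 101$ and $x = 3$: $T_2(3) = 2\cdot 3^2 - 1 = 17$ and $T_3(3) = 2\cdot 3\cdot 17 - 3 = 99$, so

$$T_2(99) = 2\cdot 99^2 - 1 = 19601 \equiv 7,\qquad T_3(17) = 4\cdot 17^3 - 3\cdot 17 = 19601 \equiv 7,\qquad T_6(3) = 32\cdot 3^6 - 48\cdot 3^4 + 18\cdot 3^2 - 1 = 19601 \equiv 7 \pmod{101},$$

and both compositions agree with $T_{2\cdot 3}(3)$, which is the property the key agreement relies on.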

Definition 3 (Chebyshev discrete logarithm problem). Given and the value ( ), recovering is assumed to be computationally infeasible: no polynomial-time algorithm is known.

Definition 4 (Chebyshev Diffie–Hellman problem). Given and , computing is likewise assumed to be computationally infeasible.

3. Scheme Design

The authentication system consists of three parties: the certificate authority (CA), the user terminal, and the server.

CA includes registration module, important data management module, and user authority management module.

User terminal includes registration module, biometric feature authentication module, password verification module, important data management module, and application interface module.

Server includes registration module, key agreement module, important data management module, and application platform interface module.

3.1. Symbol Definitions

The symbol definitions of the proposed scheme are shown in Table 1.

3.2. System Settings

CA first generates a private key (assumed to be kept absolutely secure), then selects a random string , and generates through the Chebyshev chaotic map. The public key is published; the private key is kept secret.

3.3. Registration Phase
3.3.1. Server Registration Phase

The registration process of the server is shown in Figure 1.
Step 1. The server selects a unique identity and sends and the current time to CA via a secure channel.
Step 2. After receiving the registration request message from , CA first checks whether the time exceeds the maximum valid time interval. If the time interval meets the requirement, CA then checks whether the identity of the server is already registered. If it is, CA rejects the registration request. Otherwise, CA computes , selects a random number , and computes the key and . The key must not be published. Then, CA stores in the important data management module and sends the message to the server via the secure channel.
Step 3. After receiving , the server stores them in the important data management module.

3.3.2. User Registration Phase

The process is shown in Figure 2.
Step 1. The user selects a unique identity and . Then, the biometric sample is input through the sensor of the biometric authentication module, and the biometric key together with its public reproduction parameter is obtained with the fuzzy extractor, that is, .
Step 2. The user computes , obtains the current time , and sends the registration information to CA via a secure channel.
Step 3. After receiving , CA first checks whether the time exceeds the maximum time interval. If it does, CA rejects the user's request. Otherwise, CA checks whether the identity is already registered; if so, CA forbids the user to register again. If the identity is not registered, CA calculates , selects a random number , and calculates the key (the public key transformed into a private key) and . Then, CA stores in the important data management module and sends to the user via the secure channel.
Step 4. After receiving , the user calculates and and stores the results in the important data management module.

3.4. Login, Authentication, and Key Agreement Phase

To log in to the server, authenticate his or her identity, and access resources, the user performs the steps shown in Figure 3.
Step 1. The user inputs the biometric feature through the sensor of the biometric feature authentication module and uses the fuzzy extractor with its public reproduction parameter to obtain the biometric key by computing . Only when the Hamming distance between and is below the preset tolerance threshold does hold, and the user passes biometric authentication. Then, the user calculates .
Step 2. The user inputs the correct password and checks the equation so as to pass password authentication.
Step 3. The user selects a random number as the temporary private key, calculates , and , obtains the current time , and sends the message to the server via the public network. The key is the one-time key computed from the combination of the private key and .
Step 4. After receiving , the server first checks whether the time exceeds the maximum time interval. If it does, the server rejects the user's request. Otherwise, the server selects a random number as the temporary private key, calculates , , and , obtains the current time , and sends to CA via the public network. The key is the one-time key computed from the combination of the private key and .
Step 5. After receiving , CA first checks whether the time exceeds the maximum time interval. If it does, CA rejects the request. Otherwise, CA calculates , , , and and verifies . If the values are equal, CA has authenticated the server .
Step 6. Based on , CA calculates , , , and and verifies . If the values are not equal, CA stops the authentication. If they are equal, CA has authenticated the user that requests access to the server .
Step 7. CA calculates , , and , obtains the current time , and sends to the server via the public network.
Step 8. After receiving , the server first checks whether the time exceeds the maximum time interval. If it does, the server discards the received message. Otherwise, the server fetches from and calculates and . Then, the server verifies . If the values are not equal, the server stops the authentication. If they are equal, the server has authenticated CA. The server then calculates the session key to be used with the user , obtains the current time , and sends to the user via the public network.
Step 9. After receiving , the user first checks whether the time exceeds the maximum time interval. If it does, the user discards the received message. Otherwise, the user calculates and . Then, the user verifies . If the values are not equal, the user stops the authentication. If they are equal, the user has authenticated CA and the server , and calculates the session key to be used with the server .
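The key material of Sections 2.2 and 3.4 worked through in code: the extended Chebyshev map over Z_p, the CA-issued value Q = T_u(x) handed to a party as a private key, the one-time key T_a(Q) = T_u(T_a(x)) formed from the two private values a and Q, the XOR-masked hash that CA verifies by recomputation, and the session key T_a(T_b(x)) = T_b(T_a(x)). This is an added example, not the authors' implementation: the prime p = 2^61 - 1, the seed x = 3, SHA-256 for h(.), hashing the Z_p element to 32 bytes before XOR-masking a digest, and the omission of timestamps and of the password/biometric masking of stored values (user registration Step 4) are all simplifications assumed here.

```python
"""Extended Chebyshev map over Z_p and the CCMbAS one-time / session keys.
Added example; not the paper's implementation.  Toy parameters."""
import hashlib
import secrets

P = 2**61 - 1   # ASSUMPTION: Mersenne prime standing in for the paper's "big prime"
X = 3           # ASSUMPTION: public seed x of the map (the paper uses a random string)


def cheb(n: int, x: int, p: int) -> int:
    """T_n(x) mod p by squaring the companion matrix of
    T_n = 2x*T_{n-1} - T_{n-2},  T_0 = 1,  T_1 = x   (O(log n) multiplications)."""
    def mul(a, b):
        return [[(a[0][0]*b[0][0] + a[0][1]*b[1][0]) % p,
                 (a[0][0]*b[0][1] + a[0][1]*b[1][1]) % p],
                [(a[1][0]*b[0][0] + a[1][1]*b[1][0]) % p,
                 (a[1][0]*b[0][1] + a[1][1]*b[1][1]) % p]]
    r = [[1, 0], [0, 1]]
    m = [[(2 * x) % p, (-1) % p], [1, 0]]
    while n:
        if n & 1:
            r = mul(r, m)
        m = mul(m, m)
        n >>= 1
    # r * (T_1, T_0)^T = (T_{n+1}, T_n)^T, so the second row yields T_n
    return (r[1][0] * x + r[1][1]) % p


def H(*parts: bytes) -> bytes:
    """h(a || b || ...): SHA-256 over the concatenation (ASSUMPTION for h)."""
    return hashlib.sha256(b"".join(parts)).digest()


def mask(digest: bytes, key: int) -> bytes:
    """XOR a 32-byte digest with a Z_p key.  ASSUMPTION: the map output is hashed
    to 32 bytes first.  Masking twice with the same key restores the digest."""
    pad = hashlib.sha256(key.to_bytes(32, "big")).digest()
    return bytes(d ^ k for d, k in zip(digest, pad))


def rand_exp() -> int:
    """Random exponent in [2, P-1] (temporary private key or CA-chosen u, s)."""
    return secrets.randbelow(P - 2) + 2


def enroll(ca_k: bytes, ur: bytes):
    """CA side of registration (secure channel): derive the registered secret
    h(UR || k) (URR for a user, SR for a server) and issue Q = T_u(x).  Q is handed
    over as a private key; CA keeps u (the paper stores it as u XOR k)."""
    u = rand_exp()
    return u, H(ur, ca_k), cheb(u, X, P)


def run_protocol() -> bool:
    """One login/authentication run between an honest user, server and CA.
    True iff CA's recomputed one-time keys match the parties' own and both
    ends derive the same session key."""
    ca_k = secrets.token_bytes(32)
    ID, SID, pw = b"alice", b"server-1", b"correct horse battery"
    u, URR, Qi = enroll(ca_k, H(pw, ID))   # user registers UR = h(pw || ID)
    s, SR, Qj = enroll(ca_k, SID)          # server registers its SID

    # Step 3 (user): a is the temporary private key; k1 combines a with private Qi
    a = rand_exp()
    tax = cheb(a, X, P)
    k1 = cheb(a, Qi, P)                    # = T_a(T_u(x)) = T_{au}(x)
    MU = mask(H(ID, SID, URR), k1)         # (MU, ID, tax) goes over the public channel

    # Step 4 (server): same construction with b and Qj, forwarded to CA
    b = rand_exp()
    tbx = cheb(b, X, P)
    k2 = cheb(b, Qj, P)
    MS = mask(H(ID, SID, SR), k2)

    # Steps 5-7 (CA): rebuild both one-time keys from u, s and the public T_a(x), T_b(x)
    k11, k22 = cheb(u, tax, P), cheb(s, tbx, P)
    if mask(MS, k22) != H(ID, SID, SR):     # authenticate the server
        return False
    if mask(MU, k11) != H(ID, SID, URR):    # authenticate the user
        return False
    Ri, Rj = mask(H(ID, URR), k11), mask(H(SID, SR), k22)

    # Step 8 (server): verify CA, derive SK = T_b(T_a(x)), forward (Ri, tbx) to the user
    if mask(Rj, k2) != H(SID, SR):
        return False
    sk_server = cheb(b, tax, P)

    # Step 9 (user): verify CA and server, derive SK = T_a(T_b(x))
    if mask(Ri, k1) != H(ID, URR):
        return False
    sk_user = cheb(a, tbx, P)
    return k1 == k11 and k2 == k22 and sk_user == sk_server


if __name__ == "__main__":
    print("agreement:", run_protocol())
```

The check k1 == k11 is the point of the construction: the user never learns u and CA never learns a, yet both reach T_{au}(x) because the map commutes. Note what the XOR masking does and does not give: what authenticates a party is CA recomputing h(ID||SID||URR) from its own records and comparing, while T_a(x) and T_b(x) travel in clear, so the secrecy of the one-time keys and of the session key rests entirely on the Chebyshev Diffie–Hellman assumption of Definition 4.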

3.5. Password Change

If the user wants to change the password, the user must first complete authentication on the terminal. Then, the user changes the password following the registration steps, and the corresponding information stored in the user terminal and at the CA is updated.

3.6. Identity and Biometric Feature Change

If the user needs to change the identity, it can be changed by steps similar to those of the password change. If the user needs to change the biometric feature, it can be changed after the terminal has authenticated the legitimate user.

4. Scheme Security

4.1. Security Analysis
4.1.1. Key Security

The user's biometric key is generated by the fuzzy extractor, so without the user's biometric feature an attacker cannot obtain the biometric key from the fuzzy extractor. In the proposed scheme, a double-key combined encryption mechanism is designed. For example, the key is the one-time key computed from the combination of the private key and . Because the one-time key is freshly generated, the information encrypted with is difficult to recover. The user calculates and in order to hide and and then stores the results in the important data management module. Even if an attacker obtains the data stored in the user's terminal, the encrypted information cannot be decrypted. Therefore, , , and cannot be leaked or stolen.

4.1.2. Terminal Lost Attack

If the terminal device is lost, authentication still requires both the correct biometric feature and the correct password. The user's secret information stored in the terminal device is encrypted, and the attacker cannot supply the correct inputs to decrypt it. Therefore, the system ensures the security of the secret information even if the terminal device is lost.

4.1.3. Password Guessing Attack

In this scheme, user authentication consists of two steps. To log in successfully, both the biometric feature and the password must be correct. Without the legitimate user's biometric feature, the attacker cannot pass the initial biometric authentication and therefore cannot proceed to the second step, password authentication. The shared session key is generated afresh in every run and is different each time, so the attacker cannot guess it. Therefore, the authentication system effectively avoids password guessing attacks.

4.1.4. Impersonation Attack

Because user authentication includes both a biometric feature and a password, an attacker who obtains the user's biometric feature still cannot pass password authentication when launching an impersonation attack. If an attacker impersonates a legitimate user or server to transmit information, the user, server, or CA can identify the authenticity of the sender through calculation and discard the impersonation messages.

4.1.5. Eavesdropping Attack

The scheme uses the randomness of hash values to hide the authentication information transmitted over the public network and uses the one-time key generated randomly through the Chebyshev chaotic map to encrypt the authentication information. Under this double protection, the attacker cannot obtain useful information by eavesdropping on the messages transmitted over the public network.

4.1.6. Denial-of-Service Attack

Within a given time period, CA does not allow repeated registration requests for the same ID. Therefore, CA avoids excessive consumption of server resources and can defend against denial-of-service attacks on registration.

4.1.7. Man-in-the-Middle Attack

Even if an attacker intercepts and tampers with the information of legitimate users or servers, the attacker cannot pass the checks and authentication performed by the users or servers. Therefore, the attacker cannot extract the content of the user's and server's information by this attack.

4.1.8. Replay Attack

Time information that acts as a timestamp is added to every transmitted message in the proposed scheme, and each receiver checks it against the maximum time interval, which effectively avoids replay attacks.

4.1.9. Privileged Insider Attack

In this scheme, CA XORs its own private key with the key of the user or server to hide this important information. The user's password is protected by a one-way hash function during registration and authentication, which also hides the important information. In this way, privileged insider attacks are effectively avoided.

4.1.10. Forward Security

The encryption key for the authentication information is one-time within the authentication process, and the shared session key established by key agreement is also one-time. The scheme offers dual security through hiding and encryption, so the attacker cannot recover earlier session keys.

4.1.11. Mutual Authentication

In the proposed scheme, only the legitimate user and server compute the same shared session key. Therefore, the scheme realises mutual authentication among CA, user, and server, and ensures the communication security between the legitimate user and server.

The comparison results in terms of security are shown in Table 2.

4.2. BAN Logical Proof
4.2.1. BAN Logic

Among the formal verification methods for cryptographic protocols, the BAN logic proposed by Burrows et al. in 1989 is the best known [27]. BAN logic is a modal logic based on belief, with three kinds of objects: principals (subjects), keys, and formulas. , , and represent principal variables; represents the key variable; and represent formula variables; and represent the two ordinary principals; is the authentication server; , and represent specific shared keys; , and represent specific public keys; , , and represent specific secret keys; , , and represent nonces (temporary values); represents the irreversible hash function of .
(1) Syntax and semantics of the BAN logic components. These are shown in Table 3.
(2) BAN logic inference rules.

Message meaning rules: R1–R3. Nonce verification rule: R4. Jurisdiction rule: R5. Seeing rules: R6–R10. Freshness rules: R11. Belief rules: R12–R15. Key and secret rules: R16–R19. BAN logic inference rules are shown in Table 4.

4.3. Scheme Security Proof

(1) Initialization: , 
(2) Security goals: G1. , G2. , G3. , G4. , G5. , G6. 
(3) Protocol formalization: F1. , , F2. , , F3. , , F4. , , F5. , F6. , F7. , F8. ,
(4) Proof process:
V1. According to rule R4 and formalization F3, can be obtained. Therefore, goal G1 holds.
V2. In the same way as V1, according to rule R4 and formalization F4, goal G2 holds.
V3. According to rule R5 and formalization F5, can be obtained. Therefore, goal G3 holds.
V4. In the same way as V3, according to rule R5 and formalization F6, goal G4 holds.
V5. According to goal G3, formalization F2, and rule R12, can be obtained. Therefore, goals G5 and G6 hold.

Based on the BAN logic proof, the proposed authentication scheme achieves the predetermined security goals, which shows that the scheme is secure within the BAN logic model.

4.4. ProVerif Verification
4.4.1. ProVerif Code

(*----------------channel---------------------*)
free sch: channel [private].   (*---secure channel----*)
free ch: channel.              (*---unsecure channel----*)
(*----------------variable and constants---------------------*)
free ID: bitstring.                 (*---User ID----*)
const SID: bitstring.               (*---Application server ID----*)
const x: bitstring.                 (*---Seed for Chebyshev chaotic map ----*)
const pw: bitstring [private].      (*---password of user----*)
free treg: bitstring.               (*---the time of registration----*)
free s: bitstring [private].        (*---key of application server----*)
free u: bitstring [private].        (*---key of user----*)
free k: bitstring [private].        (*---key of CA----*)
free B: bitstring [private].        (*---biometric of user----*)
free w: bitstring [private].        (*---parameter of fuzzy extraction algorithm----*)
free SK: bitstring [private].       (*---the session key between user and application server--*)
(*----------------constructor---------------------*)
fun H(bitstring): bitstring.
fun senc(bitstring, bitstring): bitstring.
fun T(bitstring, bitstring): bitstring.   (*---the Chebyshev chaotic map algorithm--*)
fun xor(bitstring, bitstring): bitstring.
fun Concat(bitstring, bitstring): bitstring.
fun GEN(bitstring): bitstring.            (*---the GEN section of fuzzy extraction algorithm--*)
fun REP(bitstring): bitstring.            (*---the REP section of fuzzy extraction algorithm--*)
(*--------destructors&equations--------------------*)
reduc forall m: bitstring, n: bitstring; sdec(senc(m,n),n) = m.
(*reduc forall a: bitstring, b: bitstring, x:bitstring; T(b,T(a,x)) = T(a,x)T(b,x).
---the Chebyshev chaotic map algorithm--*)
equation forall m: bitstring, n: bitstring; xor(xor(m,n),n) = m.
(*----------------events ---------------------*)
event BeginUser(bitstring).
event EndUser(bitstring).
(*----------------query ---------------------*)
query attacker(SK).
query id:bitstring; inj-event(EndUser(id)) ==> inj-event(BeginUser(id)).
(*----------------process---------------------*)
(*----------------user process---------------------*)
let user =
  let (b) = GEN(B) in
  let UR = H(Concat(pw, ID)) in
  out(sch, (ID, UR, treg));
  event BeginUser(ID);
  in(sch, (URR:bitstring, Qi:bitstring));   (*-Input some data -*)
  let URb = xor(URR, b) in
  let Qip = xor(Qi, pw) in
  new Bioaut: bitstring;
  new pw: bitstring;
  let b = REP(Bioaut) in
  let Qi = xor(Qip, pw) in
  new a: bitstring;
  let tax = T(a,x) in
  let k1 = T(u, tax) in
  let HU = H(Concat(Concat(ID, SID), URR)) in
  let MU = xor(HU, k1) in
  out(ch, (MU, ID, tax));
  in(ch, (Ri:bitstring, tbx:bitstring));
  let Rii = xor(Ri, k1) in
  let Hi = H(Concat(ID, URR)) in
  if Hi = Rii then
  let SK = T(a,tbx) in
  0.
(*----------------Application Server AS process---------------------*)
let AS = !(
  new tj:bitstring;
  out(sch, (SID, tj));
  in(sch, (SR:bitstring, Qj:bitstring));
  let SR = H(Concat(SID,k)) in
  let Qj = T(s,x) in
  in(ch, (MU: bitstring, ID: bitstring, tax: bitstring));
  new b:bitstring;
  let tbx = T(b,x) in
  let k2 = T(s, tbx) in
  let HS = H(Concat(Concat(ID, SID), SR)) in
  let MS = xor(HS, k2) in
  out(ch, (MS, SID, tbx, MU, ID, tax));
  in(ch, (Rj: bitstring, Ri: bitstring, ID: bitstring));
  let Rjj = xor(Rj, k2) in
  let Hj = H(Concat(SID, SR)) in
  if Hj = Rjj then
  let SK = T(b,tax) in
  out(ch, (Ri, tbx));
  event EndUser(ID);
  0).
(*----------------Certificate Authority CA process---------------------*)
let CA =
  in(sch, (ID:bitstring, UR:bitstring, treg:bitstring));
  new u: bitstring;
  let URR = H(Concat(UR,k)) in
  let Qi = T(u,x) in
  let ui = xor(u,k) in
  out(sch, (URR, Qi));
  in(sch, (SID:bitstring, tj: bitstring));
  new s: bitstring;
  let SR = H(Concat(SID,k)) in
  let Qj = T(s,x) in
  let sj = xor(s,k) in
  out(sch, (SR, Qj));
  in(ch, (MS:bitstring, SID:bitstring, tbx:bitstring, MU: bitstring, ID: bitstring, tax: bitstring));
  let s = xor(sj,k) in
  let k22 = T(s, tbx) in
  let MSS = xor(MS,k22) in
  let HUS = H(Concat(Concat(ID,SID),SR)) in
  if HUS = MSS then
  let u = xor(ui,k) in
  let k11 = T(u, tax) in
  let MUU = xor(MU,k11) in
  let HSU = H(Concat(Concat(ID,SID),URR)) in
  if HSU = MUU then
  let HUR = H(Concat(ID,URR)) in
  let Ri = xor(HUR,k11) in
  let HSR = H(Concat(SID,SR)) in
  let Rj = xor(HSR,k22) in
  out(ch, (Rj, Ri, ID));
  0.
process (user | AS | CA)

4.4.2. Verification Result

The ProVerif output is shown in Figure 4: the tool reports both queries as true, i.e. the attacker cannot derive SK, and every EndUser(id) event is preceded by a matching BeginUser(id) event. Two caveats about the model follow from the listing itself. First, query attacker(SK) refers to the free private name SK declared at the top of the script; the local bindings let SK = T(a,tbx) in and let SK = T(b,tax) in introduce new variables that shadow that name and are never sent on a channel, so the secrecy query as written does not exercise the derived session key (the usual remedy is to output a fresh secret encrypted under the derived key and query the attacker's knowledge of that secret). Second, the reduc expressing the semigroup property of T is commented out, so the model does not give the attacker the commutation of the map. The result should therefore be read as: no attack is found on the model as stated, not as a proof against all attacks.

5. Performance

5.1. Computation Cost

According to the literature [1, 10, 28-31] and the execution time of the relevant algorithms of the proposed scheme measured on our Intel Core i5-3470 platform, the operation costs are as follows.

XOR operation: the XOR operation time is very small and is ignored.
Hash operation: 0.6 ms.
Chebyshev chaotic map: twice the time of a hash operation.
Fuzzy extractor generation (obtaining the public parameter and the biometric key from the biometric feature): 805 times a hash operation.
Fuzzy extractor reproduction (regenerating the biometric key from the biometric feature and the public parameter): 187 times a hash operation.
Symmetric encryption and symmetric decryption: each twice the time of a hash operation.
Encryption or decryption with elliptic curve public key cryptography: 968 times a hash operation.
Elliptic curve point multiplication: 126 times a hash operation.
Elliptic curve point addition: 14 times a hash operation.
The comparison of execution time of the related schemes is shown in Table 5.

As can be seen from Table 5, the proposed scheme has the lowest computation cost in both compared phases and is superior to the similar schemes in [1, 4, 10].

5.2. Communication Cost

Referring to [1, 4, 10], the message lengths are set as follows.
Identity: 32 bits.
Hash function output: 160 bits.
Chaotic map output: 128 bits.
Timestamp: 128 bits, since it can be treated as a random number.
Symmetric encryption/decryption block: 128 bits.
Elliptic curve point: 320 bits.
Random nonce: 128 bits.

Only the frequently executed login and authentication phases are considered in the cost calculation. The comparison of communication cost of the protocols is presented in Table 6. It can be observed that our scheme is more efficient than the schemes in [1, 10] in communication cost.

6. Conclusion

To improve the security of authentication systems and strengthen the protection of users' sensitive information and privacy, a provably secure Chebyshev chaotic map (CCM)-based authentication scheme is proposed. The scheme uses a hash function to hide user information and a fuzzy extractor to authenticate the user's biometric feature. In particular, the proposed scheme transforms the traditional public key of the Chebyshev chaotic map into a private key and combines two private keys to compute a one-time key that encrypts the authentication information. The results of the BAN logic analysis and the ProVerif simulation tool indicate that the scheme resists the attacks considered in the security analysis. Compared with similar schemes, the proposed scheme is more efficient and secure. Therefore, the proposed scheme has application value in scenarios with high security demands such as mobile payment and contactless access control. In future work, we will continue to study authentication schemes for more complex network environments.

Data Availability

The data used to support the findings of this study are included within the article.

Conflicts of Interest

The authors declare that there are no conflicts of interest regarding the publication of this paper.

Acknowledgments

This research was funded by the National Natural Science Foundation of China (grant no. 41706201).