Table of Contents Author Guidelines Submit a Manuscript
Security and Communication Networks
Volume 2018, Article ID 9062675, 15 pages
https://doi.org/10.1155/2018/9062675
Research Article

A Secure and Anonymous Two-Factor Authentication Protocol in Multiserver Environment

1School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing, China
2School of Software and Microelectronics, Peking University, Beijing, China

Correspondence should be addressed to Guoai Xu; nc.ude.tpub@agx

Received 28 August 2017; Accepted 29 January 2018; Published 15 April 2018

Academic Editor: Shujun Li

Copyright © 2018 Chenyu Wang et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Linked References

  1. X. Huang, Y. Xiang, A. Chonka, J. Zhou, and R. H. Deng, “A generic framework for three-factor authentication: Preserving security and privacy in distributed systems,” IEEE Transactions on Parallel and Distributed Systems, vol. 22, no. 8, pp. 1390–1397, 2011. View at Publisher · View at Google Scholar · View at Scopus
  2. D. Wang and P. Wang, “Two Birds with One Stone: Two-Factor Authentication with Security Beyond Conventional Bound,” IEEE Transactions on Dependable and Secure Computing, 2016. View at Publisher · View at Google Scholar
  3. S. Kumari, M. K. Khan, X. Li, and F. Wu, “Design of a user anonymous password authentication scheme without smart card,” International Journal of Communication Systems, vol. 29, no. 3, pp. 441–458, 2016. View at Publisher · View at Google Scholar · View at Scopus
  4. C. Wang, D. Wang, G. Xu, and Y. Guo, “A lightweight password-based authentication protocol using smart card,” International Journal of Communication Systems, vol. 30, no. 16, Article ID e3336, 2017. View at Publisher · View at Google Scholar · View at Scopus
  5. A. K. Das, “Analysis and improvement on an efficient biometric-based remote user authentication scheme using smart cards,” IET Information Security, vol. 5, no. 3, pp. 145–151, 2011. View at Publisher · View at Google Scholar · View at Scopus
  6. L. Li, I. Lin, and M. Hwang, “A remote password authentication scheme for multiserver architecture using neural networks,” IEEE Transactions on Neural Networks and Learning Systems, vol. 12, no. 6, pp. 1498–1504, 2001. View at Publisher · View at Google Scholar · View at Scopus
  7. I. C. Lin, M. S. Hwang, and L. H. Li, “A new remote user authentication scheme for multi-server architecture,” Future Generation Computer Systems, vol. 19, no. 1, pp. 13–22, 2003. View at Publisher · View at Google Scholar · View at Scopus
  8. W. S. Juang, “Efficient multi-server password authenticated key agreement using smart cards,” IEEE Transactions on Consumer Electronics, vol. 50, no. 1, pp. 251–255, 2004. View at Publisher · View at Google Scholar · View at Scopus
  9. C.-C. Chang and J.-S. Lee, “An efficient and secure multi-server password authentication scheme using smart cards,” in Proceedings of the Proceedings - 2004 International Conference on Cyberworlds, CW 2004, pp. 417–422, jpn, November 2004. View at Scopus
  10. W. Tsaur, C. Wu, and W. Lee, “A smart card-based remote scheme for password authentication in multi-server internet services,” Computer Standards & Interfaces, vol. 27, no. 1, pp. 39–51, 2004. View at Google Scholar
  11. J.-L. Tsai, “Efficient multi-server authentication scheme based on one-way hash function without verification table,” Computers & Security, vol. 27, no. 3-4, pp. 115–121, 2008. View at Publisher · View at Google Scholar · View at Scopus
  12. Y. Liao and S. Wang, “A secure dynamic id based remote user authentication scheme for multi-server environment,” Computer Standards & Interfaces, vol. 31, no. 1, pp. 24–29, 2009. View at Google Scholar
  13. H. Hsiang and W. Shih, “Improvement of the secure dynamic id based remote user authentication scheme for multi-server environment,” Computer Standards & Interfaces, vol. 31, no. 6, pp. 1118–1123, 2009. View at Google Scholar
  14. S. K. Sood, A. K. Sarje, and K. Singh, “A secure dynamic identity based authentication protocol for multi-server architecture,” Journal of Network and Computer Applications, vol. 34, no. 2, pp. 609–618, 2011. View at Publisher · View at Google Scholar · View at Scopus
  15. C. Li, C. Weng, and C. Fan, “Two-factor user authentication in multi-server networks,” International Journal of Security and its Applications, vol. 6, pp. 261–267, 2012. View at Google Scholar
  16. S. Sood, “Dynamic idengtity based authentication protocol for two-sever architecture,” Journal of Information Security, vol. 3, no. 4, pp. 326–334, 2012. View at Google Scholar
  17. R. Amin, “Cryptanalysis and efficient dynamic ID based remote user authentication scheme in multi-server environment using smart card,” International Journal of Network Security, vol. 18, no. 1, pp. 172–181, 2016. View at Google Scholar · View at Scopus
  18. T. Maitra, S. H. Islam, R. Amin, D. Giri, M. K. Khan, and N. Kumar, “An enhanced multi-server authentication protocol using password and smart-card: cryptanalysis and design,” Security and Communication Networks, vol. 9, no. 17, pp. 4615–4638, 2016. View at Publisher · View at Google Scholar · View at Scopus
  19. J.-S. Leu and W.-B. Hsieh, “Efficient and secure dynamic ID-based remote user authentication scheme for distributed systems using smart cards,” IET Information Security, vol. 8, no. 2, pp. 104–113, 2014. View at Publisher · View at Google Scholar · View at Scopus
  20. X. Li, J. Niu, S. Kumari, J. Liao, and W. Liang, “An Enhancement of a Smart Card Authentication Scheme for Multi-server Architecture,” Wireless Personal Communications, vol. 80, no. 1, pp. 175–192, 2015. View at Publisher · View at Google Scholar · View at Scopus
  21. D. Mishra, “Design and Analysis of a Provably Secure Multi-server Authentication Scheme,” Wireless Personal Communications, vol. 86, no. 3, pp. 1095–1119, 2016. View at Publisher · View at Google Scholar · View at Scopus
  22. D. Wang, H. Cheng, P. Wang, X. Huang, and G. Jian, “Zipfs law in passwords,” IEEE Transactions on Information Forensics and Security, vol. 12, no. 11, pp. 2776–2791, 2017. View at Publisher · View at Google Scholar
  23. D. Wang, Q. Gu, H. Cheng, and P. Wang, “The request for better measurement: A comparative evaluation of two-factor authentication schemes,” in Proceedings of 11th ACM Asia Conference on Computer and Communications Security, ASIA CCS, pp. 475–486, China, June 2016. View at Publisher · View at Google Scholar · View at Scopus
  24. Q. Jiang, Z. Chen, B. Li, J. Shen, L. Yang, and J. Ma, “Security analysis and improvement of bio-hashing based three-factor authentication scheme for telecare medical information systems,” Journal of Ambient Intelligence and Humanized Computing, pp. 1–13, 2017. View at Publisher · View at Google Scholar
  25. S. H. Islam, “Design and analysis of an improved smartcard-based remote user password authentication scheme,” International Journal of Communication Systems, vol. 29, no. 11, pp. 1708–1719, 2016. View at Publisher · View at Google Scholar · View at Scopus
  26. C. Wang and G. Xu, “Cryptanalysis of Three Password-Based Remote User Authentication Schemes with Non-Tamper-Resistant Smart Card,” Security and Communication Networks, vol. 2017, pp. 1–14, 2017. View at Publisher · View at Google Scholar
  27. L. Xiong, D. Peng, T. Peng, H. Liang, and Z. Liu, “A Lightweight Anonymous Authentication Protocol with Perfect Forward Secrecy for Wireless Sensor Networks,” Sensors, vol. 17, no. 11, p. 2681, 2017. View at Google Scholar
  28. D. Wang, D. He, P. Wang, and C.-H. Chu, “Anonymous Two-Factor Authentication in Distributed Systems: Certain Goals Are Beyond Attainment,” IEEE Transactions on Dependable and Secure Computing, vol. 12, no. 4, pp. 428–442, 2015. View at Publisher · View at Google Scholar · View at Scopus
  29. Q. Xie, N. Dong, D. S. Wong, and B. Hu, “Cryptanalysis and security enhancement of a robust two-factor authentication and key agreement protocol,” International Journal of Communication Systems, vol. 29, no. 3, pp. 478–487, 2016. View at Publisher · View at Google Scholar · View at Scopus
  30. J. Wei, W. Liu, and X. Hu, “Secure and efficient smart card based remote user password authentication scheme,” International Journal of Network Security, vol. 18, no. 4, pp. 782–792, 2016. View at Google Scholar · View at Scopus
  31. F. Wu, L. Xu, S. Kumari, X. Li, and A. Alelaiwi, “A new authenticated key agreement scheme based on smart cards providing user anonymity with formal proof,” Security and Communication Networks, vol. 8, no. 18, pp. 3847–3863, 2015. View at Publisher · View at Google Scholar · View at Scopus
  32. C.-G. Ma, D. Wang, and S.-D. Zhao, “Security flaws in two improved remote user authentication schemes using smart cards,” International Journal of Communication Systems, vol. 27, no. 10, pp. 2215–2227, 2014. View at Publisher · View at Google Scholar · View at Scopus
  33. X. Huang, Y. Xiang, E. Bertino, J. Zhou, and L. Xu, “Robust multi-factor authentication for fragile communications,” IEEE Transactions on Dependable and Secure Computing, vol. 11, no. 6, pp. 568–581, 2014. View at Publisher · View at Google Scholar · View at Scopus
  34. Q. Jiang, S. Zeadally, J. Ma, and D. He, “Lightweight three-factor authentication and key agreement protocol for internet-integrated wireless sensor networks,” IEEE Access, vol. 5, pp. 3376–3392, 2017. View at Publisher · View at Google Scholar
  35. X. Li, J. Niu, S. Kumari, J. Liao, W. Liang, and M. K. Khan, “A new authentication protocol for healthcare applications using wireless medical sensor networks with user anonymity,” Security and Communication Networks, vol. 9, no. 15, pp. 2643–2655, 2016. View at Publisher · View at Google Scholar
  36. Q. Jiang, J. Ma, C. Yang, X. Ma, J. Shen, and S. A. Chaudhry, “Efficient end-to-end authentication protocol for wearable health monitoring systems,” Computers and Electrical Engineering, 2017. View at Publisher · View at Google Scholar · View at Scopus
  37. D. He, S. Zeadally, N. Kumar, and W. Wu, “Efficient and Anonymous Mobile User Authentication Protocol Using Self-Certified Public Key Cryptography for Multi-Server Architectures,” IEEE Transactions on Information Forensics and Security, vol. 11, no. 9, pp. 2052–2064, 2016. View at Publisher · View at Google Scholar · View at Scopus
  38. V. Odelu, A. K. Das, and A. Goswami, “A Secure Biometrics-Based Multi-Server Authentication Protocol Using Smart Cards,” IEEE Transactions on Information Forensics and Security, vol. 10, no. 9, pp. 1953–1966, 2015. View at Publisher · View at Google Scholar · View at Scopus
  39. D. Wang and P. Wang, “On the anonymity of two-factor authentication schemes for wireless sensor networks: Attacks, principle and solutions,” Computer Networks, vol. 73, pp. 41–57, 2014. View at Publisher · View at Google Scholar · View at Scopus
  40. M. Burrows, M. Abadi, and R. Needham, “Logic of authentication,” ACM Transactions on Computer Systems, vol. 8, no. 1, pp. 18–36, 1990. View at Publisher · View at Google Scholar · View at Scopus
  41. S. Kumari, X. Li, F. Wu, A. K. Das, K.-K. R. Choo, and J. Shen, “Design of a provably secure biometrics-based multi-cloud-server authentication scheme,” Future Generation Computer Systems, vol. 68, pp. 320–330, 2017. View at Publisher · View at Google Scholar · View at Scopus
  42. A. Irshad, M. Sher, S. A. Chaudhry et al., “A secure mutual authenticated key agreement of user with multiple servers for critical systems,” Multimedia Tools and Applications, 2017. View at Google Scholar
  43. A. Irshad, S. A. Chaudhry, S. Kumari, M. Usman, K. Mahmood, and M. S. Faisal, “An improved lightweight multiserver authentication scheme,” International Journal of Communication Systems, 2017. View at Publisher · View at Google Scholar · View at Scopus