A Password-Based Authentication and Key Establishment Scheme for Mobile Environment

Authors:
Jun Liu;Jianxin Liao;Xiaomin Zhu
Affiliations:
Beijing University of Posts and Telecommunications, China;Beijing University of Posts and Telecommunications, China;Beijing University of Posts and Telecommunications, China
Venue:
AINAW '07 Proceedings of the 21st International Conference on Advanced Information Networking and Applications Workshops - Volume 02
Year:
2007

Citing 0
Cited 1

Security Vulnerabilities of a Remote User Authentication Scheme Using Smart Cards Suited for a Multi-server Environment

ICCSA '09 Proceedings of the International Conference on Computational Science and Its Applications: Part II

Quantified Score

Hi-index	0.00

Visualization

Abstract

We propose a cost-effective, use-convenient, and well-performing password-based authentication and key establishment scheme by means of IC (integrated circuit) card, RSA cryptography, and discrete logarithm. There doesn't exist any verification (password) table at the server side. To be applicable for the mobile environment, the scheme is designed as a one-roundtrip protocol to reduce the communi-cation consumption over wireless channel. Moreover, the facts that users in this scheme are avoided downloading CRL (certificate revocation list) periodically and change the passwords in use without any interaction with servers over the radio are another two contributing factors to enhance the performance. Making use of queuing model M/G/1/N, we measure the performance of the scheme and compare it with TLS in terms of response time.