A Novel Three-Factor Authentication Scheme with High Security for Multi-Server Environments

Recently, Om et al. proposed three-factor remote user authentication protocol using ElGamal cryptosystem and ensured that it is withstands to various kinds of security attacks. But, the authors review carefully Om et al.'s scheme and discover that it unable to resist three attacks (like password guessing; denial of service; and user impersonation). Moreover, their protocol is not facilitating user anonymity. To solve these security vulnerabilities, the authors devise a secure and robust anonymous identity based authentication scheme for multi-server environment. The authentication proof of the proposed scheme has validated using BAN (Burrows-Abadi-Needham) logic, which confirms the protocol facilitates mutual authentication and session-key negotiation securely. Informal security analysis also confirms that it is well protected against various security attacks. In addition, the proposed work is compared along with other schemes (in the context of smart card storage and computation costs as well as execution time).

Download Full-text

Enhancing Biometric and Mutual Verification in Multi-server Three-factor User Remote Authentication Scheme with Elliptic Curve Cryptography

Proceedings of the 7th International Conference on Communications and Broadband Networking - ICCBN 2019 ◽

10.1145/3330180.3330188 ◽

2019 ◽

Author(s):

Chih-Hung Wang ◽

Kuei-Ching Hsu

Keyword(s):

Elliptic Curve ◽

Elliptic Curve Cryptography ◽

Authentication Scheme ◽

Remote Authentication ◽

Multi Server ◽

Three Factor

Download Full-text

Three-Factor Fast Authentication Scheme with Time Bound and User Anonymity for Multi-Server E-Health Systems in 5G-Based Wireless Sensor Networks

Sensors ◽

10.3390/s20092511 ◽

2020 ◽

Vol 20 (9) ◽

pp. 2511 ◽

Cited By ~ 1

Author(s):

Alice May-Kuen Wong ◽

Chien-Lung Hsu ◽

Tuan-Vinh Le ◽

Mei-Chen Hsieh ◽

Tzu-Wei Lin

Keyword(s):

Wireless Sensor Networks ◽

Sensor Networks ◽

Health System ◽

Health Systems ◽

User Anonymity ◽

Authentication Scheme ◽

Wireless Sensor ◽

Multi Server ◽

Server Architecture ◽

Three Factor

The fifth generation (5G) mobile network delivers high peak data rates with ultra-low latency and massive network capacity. Wireless sensor network (WSN) in Internet of Thing (IoT) architecture is of prominent use in 5G-enabled applications. The electronic healthcare (e-health) system has gained a lot of research attention since it allows e-health users to store and share data in a convenient way. By the support of 5G technology, healthcare data produced by sensor nodes are transited in the e-health system with high efficiency and reliability. It helps in reducing the treatment cost, providing efficient services, better analysis reports, and faster access to treatment. However, security and privacy issues become big concerns when the number of sensors and mobile devices is increasing. Moreover, existing single-server architecture requires to store a massive number of identities and passwords, which causes a significant database cost. In this paper, we propose a three-factor fast authentication scheme with time bound and user anonymity for multi-server e-health systems in 5G-based wireless sensor networks. In our work, the three-factor authentication scheme integrating biometrics, password, and smart card ensures a high-security sensor-enabled environment for communicating parties. User anonymity is preserved during communication process. Besides, time bound authentication can be applied to various healthcare scenarios to enhance security. The proposed protocol includes fast authentication, which can provide a fast communication for participating parties. Our protocol is also designed with multi-server architecture to simplify network load and significantly save database cost. Furthermore, security proof and performance analysis results show that our proposed protocol can resist various attacks and bear a rational communication cost.

Download Full-text