Next Article in Journal
A Flexible Capacitive Pressure Sensor Based on Ionic Liquid
Previous Article in Journal
Cooperative Dynamic Game-Based Optimal Power Control in Wireless Sensor Network Powered by RF Energy
Open AccessArticle

A Multi-Server Two-Factor Authentication Scheme with Un-Traceability Using Elliptic Curve Cryptography

1
School of CyberSpace Security, Beijing University of Posts and Telecommunications, Beijing 100876, China
2
Elementary Educational College, Jiangxi Normal University, Nanchang 330022, China
3
Department of Computer Science, National Textile University, Faisalabad 37610, Pakistan
4
High-Tech Research and Development Center, the Ministry of Science and Technology, Beijing 100044, China
*
Author to whom correspondence should be addressed.
Sensors 2018, 18(7), 2394; https://doi.org/10.3390/s18072394
Received: 2 July 2018 / Revised: 18 July 2018 / Accepted: 20 July 2018 / Published: 23 July 2018
(This article belongs to the Section Internet of Things)
To provide secure communication, the authentication-and-key-agreement scheme plays a vital role in multi-server environments, Internet of Things (IoT), wireless sensor networks (WSNs), etc. This scheme enables users and servers to negotiate for a common session initiation key. Our proposal first analyzes Amin et al.’s authentication scheme based on RSA and proves that it cannot provide perfect forward secrecy and user un-traceability, and is susceptible to offline password guessing attack and key-compromise user impersonation attack. Secondly, we provide that Srinivas et al.’s multi-server authentication scheme is not secured against offline password guessing attack and key-compromise user impersonation attack, and is unable to ensure user un-traceability. To remedy such limitations and improve computational efficiency, we present a multi-server two-factor authentication scheme using elliptic curve cryptography (ECC). Subsequently, employing heuristic analysis and Burrows–Abadi–Needham logic (BAN-Logic) proof, it is proven that the presented scheme provides security against all known attacks, and in particular provides user un-traceability and perfect forward security. Finally, appropriate comparisons with prevalent works demonstrate the robustness and feasibility of the presented solution in multi-server environments. View Full-Text
Keywords: multi-server; authentication; key agreement; elliptic curve cryptography (ECC); BAN-Logic; wireless sensor networks (WSNs) multi-server; authentication; key agreement; elliptic curve cryptography (ECC); BAN-Logic; wireless sensor networks (WSNs)
Show Figures

Figure 1

MDPI and ACS Style

Xu, G.; Qiu, S.; Ahmad, H.; Xu, G.; Guo, Y.; Zhang, M.; Xu, H. A Multi-Server Two-Factor Authentication Scheme with Un-Traceability Using Elliptic Curve Cryptography. Sensors 2018, 18, 2394.

Show more citation formats Show less citations formats
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Search more from Scilit
 
Search
Back to TopTop