Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com Volume 1, Issue 4, November December 2012 ISSN 2278-6856
A Noble Remote User Authentication Protocol Based on Smart Card Using Hash Function
Deepchand Ahirwal1, Prof. Sandeep Raghuwanshi2
Scholar M.Tech, Information Technology, Samrat Ashok Technological Institute, Vidisha (M. P.), India
Assistant Professor, Information Technology, Samrat Ashok Technological Institute, Vidisha (M. P.), India

Abstract- Security issues are always raised for remote authentication services. A smart card based authentication protocol is best suited to authenticating the legitimate user. Developing a secure authentication protocol is a strong challenge. There are many potential attacks targeted at authentication, such as insider attack, offline password guessing attack, masquerade attack, server spoofing attack, and parallel session attack. Recently, many previously proposed schemes have failed to resist these attacks. In this paper we introduce a remote authentication protocol that provides a secure mutual authentication process and session key agreement. Our proposed protocol provides better security to resist all possible attacks. In this protocol, we use a low computing cost hash function and a random nonce. We use the random nonce to avoid the complexity of time synchronization. The proposed protocol is efficient and practical. It is easy to adapt to low-weight devices like the subscriber identity module.
1. INTRODUCTION
Smart card based remote user authentication is a mechanism to authenticate the legitimate user by use of a smart card. In the smart card's memory, some secret information is stored, such as identification or password related information of the user. In 1986, Lamport [12] introduced the first remote user authentication scheme, using a password verification table. In Lamport's scheme [12] each user has a unique identification and password for verification as a legitimate user. This password table incurs a lot of maintenance cost and is insecure against insider attack. The verification table also risks being modified by the adversary, and its size is directly proportional to the number of users, so managing a huge table increases the load on the server.

To avoid storing the password in the server verification table and sending it in plain text over the insecure network, in 2000 Hwang and Li [14] proposed a remote user authentication scheme using smart cards, based on ElGamal's public key scheme. This protocol withstands replay attack by using a time stamp T in the login message. In 2000, Chi and Cheng [2] cryptanalyzed Hwang and Li's [14] scheme and found that it does not resist impersonation attack: a legitimate user can impersonate another valid user to use his ID and PW without knowing the secret key. So this scheme was not suitable for secure remote authentication.

In 2004, M.L. Das [15] proposed a dynamic ID-based remote user authentication protocol. This protocol uses a one-way hash function to protect the secret information and a symmetric encryption function to encrypt the messages. But D. Giri [4] showed that Das's [15] protocol is vulnerable to offline/online password guessing attack and has a weak password change phase. Later, Rafael M. [17] pointed out that Das's protocol is not secure against insider attack, masquerade attack, and server spoofing attack. In Das's [15] protocol, if the attacker is a legal user, he can extract the secret key h (x) from Ai in the smart card. Once he obtains the secret key h (x), he can try to get other legitimate users' PW and also masquerade as a legal user. In 2005, H.Y. Chien and Chen et al. [9] pointed out that in Das et al.'s protocol user Ui sends the data (Cid, Ni, Ci, T) to the remote server. In each login request, although Cid changes dynamically every time, the value Ni is the same and unique to each user, so Das et al.'s protocol fails to protect user anonymity. H. Y. Chien and Chen et al. [9] also proposed a mutual authentication protocol to preserve user anonymity based on modular exponentiation. Its efficiency is low. In 2007, L. I. Hu [11] found that Chien and Chen's [9] protocol is vulnerable to strong masquerade user or server attack, insider attack, replay attack and denial of service attacks, and improved it to avoid these weaknesses.

In 2009, J. Xu et al. [10] presented an authentication protocol using a non-tamper resistant smart card, based on costly modular exponentiation. However, R. Song [18] pointed out that J. Xu et al.'s [10] protocol is vulnerable to the user impersonation attack. In 2010, he introduced a new and more secure authentication protocol based on symmetric key cryptosystem and modular exponentiation. However W. B. Horng -Cheng [21] demonstrates that R. Song et al.
When S receives the login message from Ui at time T, she parses it into the form {IDi, CIDi, Ni, T} and then performs the following steps:
Step1. S checks whether T T T. If it doesn't hold, then S directly rejects the user's login request.
Step2. S computes h (PWi) = CIDi h (Ni y T) IDi.
Step3. S computes IDi= Ni h(x) h (PWi) and checks whether IDi is equal to IDi. If IDi is not equal to IDi, then S rejects the user's login request; otherwise, S accepts the user's login request.
Step4. S computes a = h (h (PWi) y T) and sends (a, T) to Ui.
When Ui receives the message (a, T) from S at time T, Ui verifies the identity of S, which contains the following step:
1. Ui checks whether T T T. If it doesn't hold, then Ui recognizes the reply as invalid. Otherwise Ui,
4. PROPOSED PROTOCOL
In this section, we present a smart card based secure remote user authentication protocol. In the proposed protocol we use a one-way hash function, the bitwise exclusive OR operation and a randomly generated nonce. This protocol has four phases: 1- Registration phase, 2- Login phase, 3- Authentication phase and 4- Password change phase. The notations used in the proposed protocol and its phases are described below. The notations used throughout this article are summarized as follows:
Ui: A remote user
IDi: Identity of Ui
PWi: Password chosen by Ui
S: Authentication server
Xs: Permanent secret key of S
h (): One way hash function
Bitwise XOR operation
||: Concatenation
Ni, Nj: Random nonce generated by Ui and S respectively
Registration phase
In this phase user Ui submits his/her identity IDi and password PWi to server Si via a secure channel to register himself/herself. Before sending this information, the registration authority computes h (PWi) from PWi and sends IDi and h (PWi) as a registration request to the server Si. Upon receiving the registration request from user Ui, the server Si computes two parameters Ai, Bi related to the request.
Step1- Server computes
Ai = h (X)
Bi = Ai h (IDi || h (PWi))
1. Resistance to Stolen Smart Card Attack
In case a legitimate user loses his/her smart card, the adversary cannot use this card without knowing the valid password. If the adversary extracts the information {Ai, Bi} from its memory, he cannot retrieve ID and PW, because it is computationally infeasible to invert the one-way hash function h (.) without knowing the server secret key X. It is not possible to guess the two parameters (ID and PW) correctly at the same time. Therefore the proposed protocol is secure against stolen smart card attack.

2. Resistance to Denial-of-Service
In the proposed protocol, an adversary may use an invalid ID and PW and try to send login request messages continuously to keep the server busy. This leads to a denial-of-service attack. But he cannot send the login request message, because in the login phase the smart card reader verifies the smart card and the correct password:
Bi* = Ai h (IDi* || h (PWi*))
and checks (Bi = Bi*), where Bi is stored in the smart card. Therefore, the protocol is also resistant to denial-of-service.

3. Resistance to Insider Attack
If a privileged insider of the server Si obtains the smart card's secret information {Ai, Bi} from user Ui, he cannot extract sensitive information like {ID, PW} from Bi,
Bi = Ai h (ID || h (PW)),
because it is computationally infeasible to invert the one-way hash function h (.), and he also cannot extract Bi without knowing ID and PW.

4. Resistance to Parallel Session Attack
The attacker may masquerade as the legitimate user Ui by replaying a login request message { IDi, Ci, Ei, Zi } within the valid time frame window. But the attacker cannot compute the knowledge message { Fi, Zj }, because the knowledge message does not contain any information to construct the next process.
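The registration computation and the reader-side check Bi = Bi* from item 2 above, as an added Python example that is not the authors' code. It assumes SHA-256 for h () and bitwise XOR as the operator between Ai and the hash term (the notation list names XOR, but the symbol did not survive in this copy); the secret, identities and passwords are constructed sample values.

```python
import hashlib
import hmac

def h(data: bytes) -> bytes:
    # One-way hash h(); SHA-256 is an assumption, the paper names no function.
    return hashlib.sha256(data).digest()

def xor(a: bytes, b: bytes) -> bytes:
    # Bitwise XOR of two equal-length byte strings.
    if len(a) != len(b):
        raise ValueError("XOR operands must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))

def binding(user_id: str, pw_hash: bytes) -> bytes:
    # h(IDi || h(PWi)); the fixed-length hash suffix keeps the concatenation unambiguous.
    return h(user_id.encode("utf-8") + pw_hash)

def registration_request(user_id: str, password: str):
    # Registration side: only IDi and h(PWi) are sent, never PWi itself.
    return user_id, h(password.encode("utf-8"))

def register(server_secret: bytes, user_id: str, pw_hash: bytes) -> dict:
    # Server side: compute the two values written to the smart card.
    a_i = h(server_secret)                      # Ai = h(X)
    b_i = xor(a_i, binding(user_id, pw_hash))   # Bi = Ai XOR h(IDi || h(PWi)), XOR assumed
    return {"A": a_i, "B": b_i}

def card_accepts(card: dict, user_id: str, password: str) -> bool:
    # Login phase, at the card reader: recompute Bi* and compare with the stored Bi.
    b_star = xor(card["A"], binding(user_id, h(password.encode("utf-8"))))
    return hmac.compare_digest(b_star, card["B"])

def login_requests_sent(card: dict, attempts) -> int:
    # Count the attempts that pass the local check and would reach the server.
    return sum(1 for uid, pw in attempts if card_accepts(card, uid, pw))

if __name__ == "__main__":
    secret = b"constructed-server-secret-X"     # constructed sample value
    uid, pw_hash = registration_request("alice", "correct horse")
    card = register(secret, uid, pw_hash)
    tries = [("alice", "guess1"), ("mallory", "correct horse"), ("alice", "correct horse")]
    print(login_requests_sent(card, tries))
```

Because Ai = h (X) does not depend on the user, every card registered with the same server secret stores the same Ai; only Bi differs per user.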
In this section, we compare the performance of the proposed protocol with related protocols in terms of storage capacity and computation cost. The computation costs focus on the registration, login and
Computation cost is defined as the total time of the various operations executed in the registration, login, and authentication phases. We denote the execution time of the one-way hash function by HT. The exclusive OR operation requires very low execution time compared with the one-way hash function, so its computation cost is not considered. Some related protocols use the modular exponential operation, denoted MT, with its associated time complexity. Modular operations take more execution time to perform.

Table 2. Comparison of computation cost.
Computation cost in phases: Registration, Login, Authentication, Mutual authentication, Session key
Protocols compared: Our protocol, R. Song et al. [18], Wang et al. [20]
1 HT 1 HT 3 HT
Insider attack; Masquerade attack; Parallel session attack; Replay attack; Offline password attack; Secure password change process; Denial of service; Session key generation and agreement; Mutual Authentication
6. CONCLUSION
This paper points out that the protocols proposed by Yoon and Yoo [6], H.T. Liaw [7], M.S. Hwang and Lee [13], M.K. Das [15], R. Song [18], Y. Wang [20], and Zhuo Hao [26] are not secure enough against some weaknesses. We showed that their protocols are vulnerable to denial-of-service attacks, forgery attacks, insider attacks, password guessing, parallel session attacks, server spoofing, forward security, replay attacks, and stolen verifier attacks. To satisfy all necessary requirements and withstand the various aforementioned attacks, we present our proposed smart card based secure remote authentication protocol in section 3. Our proposed protocol resists most current possible attacks, as shown in the security analysis in section 4. In section 5, the performance analysis of our protocol is shown in terms of computation cost and storage capacity. We use a one-way hash function in our research. This is most suitable for use in cryptography, because it is low cost, not reversible, and two different parameters cannot have the same hash value. It therefore provides better authentication mechanisms. In future, we suggest more secure and efficient authentication protocol using smart
2 HT 4 HT 5 HT
1 HT
1 HT
1 HT
1 HT
1 HT
1 HT
No
No
The proposed protocol requires a little more or the same computation cost in comparison with other related protocols, because our protocol is resistant to various attacks and provides some security enhancements. Most related protocols do not satisfy various requirements such as denial-of-service resistance, mutual authentication, and secure session key agreement. Table 2 shows the computation cost