Skip to main content
SpringerLink
Log in

Efficient Password-Based Authentication and Key Exchange Scheme Preserving User Privacy

  • Conference paper
Wireless Algorithms, Systems, and Applications (WASA 2006)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 4138))

Abstract

With the flourish of applications over the wired /wireless networks, how to keep user’s privacy has drawn growing concerns in recent years. Although the issue of user anonymity has been addressed in digital signature field by introducing the concepts of ring and group signatures, they are not suitable to anonymously authenticate a user in wireless mobile applications, because these signature schemes need infrastructure support and heavy computational costs which is beyond the computational ability of a smart card embedded in a hand-held device. In this paper, we propose an anonymous authentication scheme which also supports Diffie-Hellman key exchange. Our scheme is very efficient since it mainly uses hash and XOR operations. Moreover, our scheme possesses many good virtues of existing authentication schemes.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Liao, I.E., Lee, C.C., Hwang, M.S.: A password authentication scheme over insecure networks. J. Comput. System Sci. (2005)

    Google Scholar 

  2. Rivest, R.L., Shamir, A., Tauman, Y.: How to Leak a Secret. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 552–565. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  3. Chaum, D., van Heyst, E.: Group signatures. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 257–265. Springer, Heidelberg (1991)

    Google Scholar 

  4. Viet, D.Q., Yamamura, A., Tanaka, H.: Anonymous Password-Based Authenticated Key Exchange. In: Maitra, S., Veni Madhavan, C.E., Venkatesan, R. (eds.) INDOCRYPT 2005. LNCS, vol. 3797, pp. 244–257. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  5. Bo, Z., Wan, Z.G., Kankanhalli, M.S., Feng, B., Deng, R.H.: Anonymous secure routing in mobile ad-hoc networks, Local Computer Networks, 2004. In: 29th Annual IEEE International Conference, November 16-18, pp. 102–108 (2004)

    Google Scholar 

  6. Dodis, Y., Kiayias, A., Nicolosi, A., Shoup, V.: Anonymous Identification in Ad Hoc Groups. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 609–626. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  7. Chien, H.Y., Chen, C.H.: A remote authentication scheme preserving user anonymity. In: Proceedings of the 19th International Conference on Advanced Information Networking and Applications - AINA 2005, pp. 245–248 (2005)

    Google Scholar 

  8. Chien, H.Y., Jan, J., Tseng, Y.: An efficient and practical solution to remote authentication: smart card. Computer Security 21(4), 372–375 (2002)

    Article  Google Scholar 

  9. Hsu, C.L.: Security of Chien et al.’s remote user authentication scheme using smart cards. Computer Standards and Inerfaces 26(3), 167–169 (2004)

    Article  Google Scholar 

  10. Lu, R.X., Cao, Z.F., Su, R.W.: A self-encryption remote user anonymous authentication scheme using smart cards. Journal of Shanghai Jiaotong University (2006)

    Google Scholar 

  11. Hwang, M.S., Li, L.H.: A new remote user authentication scheme using smart cards. IEEE Trans. Consum. Electron 46(1), 28–30 (2000)

    Article  Google Scholar 

  12. Lamport, L.: Password authentication with insecure communication. Communication of ACM 24(11), 770–772 (1981)

    Article  MathSciNet  Google Scholar 

  13. Yang, W.H., Shieh, S.P.: Password authentication schemes with smart card. Computer Security 18(8), 727–733 (1999)

    Article  Google Scholar 

  14. Wu, S.T., Chieu, B.C.: A user friendly remote authentication scheme with smart cards. Computers & Security 22(6), 547–550 (2003)

    Article  Google Scholar 

  15. Chen, C.M., Ku, W.C.: Stolen-verifier attack on two new strong-password authentication protocal. IEICE Transactions on Communications E85-B(11), 2519–2521 (2002)

    Google Scholar 

  16. Damgård, I.B.: A Design Principle for Hash Functions. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 416–427. Springer, Heidelberg (1990)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, Shanghai Jiaotong University, 1954 Huashan Road, Shanghai, 200030, P.R. China

    Zhenchuan Chai, Zhenfu Cao & Rongxing Lu

Authors
  1. Zhenchuan Chai
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Zhenfu Cao
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Rongxing Lu
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Science, The George Washington University, 801 22nd Street NW, Suite 704., 20052, Washington DC, USA

    Xiuzhen Cheng

  2. School of Information Science and Technology, Sun Yat-sen University, 510275, Guangzhou, China

    Wei Li

  3. Computer Science Department, University of Pittsburgh, PA 15260, Pittsburgh, USA

    Taieb Znati

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Chai, Z., Cao, Z., Lu, R. (2006). Efficient Password-Based Authentication and Key Exchange Scheme Preserving User Privacy. In: Cheng, X., Li, W., Znati, T. (eds) Wireless Algorithms, Systems, and Applications. WASA 2006. Lecture Notes in Computer Science, vol 4138. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11814856_45

Download citation

  • DOI: https://doi.org/10.1007/11814856_45

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-37189-2

  • Online ISBN: 978-3-540-37190-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation