Citation: | DONG Xiaolu, LI Meihong, DU Ye, et al. A biometric verification based authentication scheme using Chebyshev chaotic mapping[J]. Journal of Beijing University of Aeronautics and Astronautics, 2019, 45(5): 1052-1058. doi: 10.13700/j.bh.1001-5965.2018.0512(in Chinese) |
In cloud computing, access control and security are two major problems, and there are some differences from traditional identity authentication. Inspired by the semi-group and chaotic properties of Chebyshev polynomials, a scheme of password-authenticated key agreement using Chebyshev chaotic mapping and biometrics has been presented. In the proposed model, the users and the servers need to register at the cloud service provider (CSP) in the beginning. Then they can complete authentication and establish session key without the participation of CSP. Moreover, security analysis and performance comparison show that the proposed scheme satisfies many security factors, such as mutual authentication, user privacy protection, multi-factor security and forward security. Forward security assures the confidentiality of the user's session key, even if the private key of the CSP is compromised. The proposed scheme is also robust to resist man-in-the-middle attacks, off-line password guessing and impersonation attacks, etc. In addition, it supports efficient changes to user passwords and biometric characteristics in a multi-server environment.
[1] |
MAJUMDER A, NAMASUDRA S, NATH S.Taxonomy and classification of access control models for cloud environments[M].Berlin:Springer-Verlag, 2014:23-53.
|
[2] |
YANG J H, CHANG Y F, HUANG C C.A user authentication scheme on multi-server environments for cloud computing[C]//Communications and Signal Processing.Piscataway, NJ: IEEE Press, 2014: 1-4. https://www.researchgate.net/publication/271555870_A_user_authentication_scheme_on_multi-server_environments_for_cloud_computing
|
[3] |
YANG J H, LIN P Y.An ID-based user authentication scheme for cloud computing[C]//10th International Conference on Intelligent Information Hiding and Multimedia Signal Processing.Piscataway, NJ: IEEE Press, 2014: 98-101. https://ieeexplore.ieee.org/document/6998277/
|
[4] |
YASSIN A A, JIN H, IBRAHIM A, et al.A practical privacy-preserving password authentication scheme for cloud computing[C]//Parallel and Distributed Processing Symposium Workshops & PHD Forum Piscataway, NJ: IEEE Press, 2012: 1210-1217. https://www.researchgate.net/publication/258206733_A_Practical_Privacy_preserving_Password_authentication_Scheme_for_Cloud_Computing
|
[5] |
TSAI J L, LO N W.A privacy-aware authentication scheme for distributed mobile cloud computing services[J].IEEE Systems Journal, 2017, 9(3):805-815. http://www.wanfangdata.com.cn/details/detail.do?_type=perio&id=8536486a2db81ba1528a087c7bdcddf0
|
[6] |
LAMPORT L.Password authentication with insecure communication[J].Communications of the ACM, 1981, 24(24):770-772. doi: 10.1145-358790.358797/
|
[7] |
SHOUP V, RUBIN A.Session key distribution using smart cards[C]//International Conference on Theory and Application of Cryptographic Techniques.Berlin: Springer-Verlag, 1996: 321-331.
|
[8] |
HWANG M S, LI H.A new remote user authentication scheme using smart cards[J].IEEE Transactions on Consumer Electronics 2000, 46(1):28-30. doi: 10.1109/30.826377
|
[9] |
HE D, WANG D.Robust biometrics-based authentication scheme for multiserver environment[J].IEEE Systems Journal, 2015, 9(3):816-823. doi: 10.1109/JSYST.2014.2301517
|
[10] |
ODELU V, DAS AK, GOSWAMI A.A secure biometrics based multi-server authentication protocol using smart cards[J].IEEE Transactions on Information Forensicsand Security, 2015, 10(9):1953-1966. doi: 10.1109/TIFS.2015.2439964
|
[11] |
WAZID M, DAS A K, KUMARI S, et al.Provably secure biometric-based user authentication and key agreement scheme in cloud computing[J].Security & Communication Networks, 2016, 9(17):4103-4119. http://cn.bing.com/academic/profile?id=02fe9daf8a86dd7c5f8ba001800e3f09&encoded=0&v=paper_preview&mkt=zh-cn
|
[12] |
NAMASUDRA S, ROY P.A new secure authentication scheme for cloud computing environment[J].Concurrency & Computation Practice & Experience, 2017, 29:e3864. http://cn.bing.com/academic/profile?id=a5b6a2807dfb1221ae5f9d86d6517089&encoded=0&v=paper_preview&mkt=zh-cn
|
[13] |
DODIS Y, OSTROVSKY R, REYZIN L, et al.Fuzzy extractors:How to generate strong keys from biometrics and other noisy data[J].SIAM Journal on Computing, 2008, 38(1):97-139. doi: 10.1137/060651380
|
[14] |
CHRISTOPH G G.An Identity-based key-exchange protocol[C]//Workshop on the Theory and Application of of Cryptographic Techniques.Berlin: Springer, 1989: 235-258.
|
[15] |
MESSERGES T S, DABBISH E A, SLOAN R H.Examining smart-card security under the threat of power analysis attacks[J].IEEE Transactions on Computers, 2002, 51(5):541-552. doi: 10.1109/TC.2002.1004593
|
[16] |
PIPPAL R S, JAIDHAR C D, TAPASWI S.Enhanced time-bound ticket-based mutual authentication scheme for cloud computing[J].Informatica, 2013, 37(2):149-156. http://cn.bing.com/academic/profile?id=dcc91736db2e3d4f401f0c30e18b2bad&encoded=0&v=paper_preview&mkt=zh-cn
|
[17] |
HAO Z, ZHONG S, YU N.A time-bound ticket-based mutual authentication scheme for cloud computing[J].International Journal of Computers Communications & Control, 2011, Ⅵ(2):227-235. http://cn.bing.com/academic/profile?id=9fabcefca2491727889f18fce0c4bf77&encoded=0&v=paper_preview&mkt=zh-cn
|
[18] |
CHEN T H, YEH H, SHIH W K.An advanced ECC dynamic ID-based remote mutual authentication scheme for cloud computing[C]//FTRA International Conference on Multimedia & Ubiquitous Engineering.Piscataway, NJ: IEEE Press, 2011: 155-159. https://www.researchgate.net/publication/221281948_An_Advanced_ECC_Dynamic_ID-Based_Remote_Mutual_Authentication_Scheme_for_Cloud_Computing
|
[19] |
LI H, LI F, SONG C, et al.Towards smart card based mutual authentication schemes in cloud computing[J].KSⅡ Transactions on Internet & Information Systems, 2015, 9(7):2719-2735. http://www.wanfangdata.com.cn/details/detail.do?_type=perio&id=JAKO201536553511304
|
[20] |
LI W, WEN Q, SU Q, et al.An efficient and secure mobile payment protocol for restricted connectivity scenarios in vehicular ad hoc network[J].Computer Communications, 2012, 35(2):188-195. http://www.wanfangdata.com.cn/details/detail.do?_type=perio&id=58638ab866515a9e003bab7dc4bd16d9
|
[21] |
HE D, KUMAR N, LEE J H, et al.Enhanced three-factor security protocol for consumer USB mass storage devices[J].IEEE Transactions on Consumer Electronics, 2014, 60(1):30-37. doi: 10.1109/TCE.2014.6780922
|
[22] |
YOON E J, JEON I S.An efficient and secure Diffie-Hellman key agreement protocol based on Chebyshev chaotic map[J].Communications in Nonlinear Science & Numerical Simulation, 2011, 16(6):2383-2389. http://www.wanfangdata.com.cn/details/detail.do?_type=perio&id=d7980abeaabeec54a9ca66a0b852815e
|
[23] |
WANG X Y, ZHAO J F.An improved key agreement protocol based on chaos[J].Communications in Nonlinear Science & Numerical Simulation, 2010, 15(12):4052-4057. http://cn.bing.com/academic/profile?id=0ee9d3dc2d2c71959a854e97622124f9&encoded=0&v=paper_preview&mkt=zh-cn
|