Authentication is a process by which one can prove the identity of a communicating partner and/or confirm the genuineness of a document. The process becomes a corner stone of security services in any applications ranging from "defense sector" to "grocery shop". Initially, authentication process mostly surrounded by the memorized passwords, but after the remarkable breakthrough in cryptography by Diffie and Hellman in 1976, various authentication techniques from password to public key concepts have been evolved over the period. This paper tries to focus some of the advanced techniques of authentication. We discuss about Data and Entity authentication and propose a scheme that provides two-factor mutual authentication.
Keywords: Authentication, Digital signature, Smart card, Timestamp
[...] Therefore, investigating authentication techniques would be an important direction. In this paper, we discuss Data authentication and its security notion, and then propose an entity authentication technique that provides two-factor authentication, to have a more robust, secure, and efficient framework to this important theme Authentication Techniques The authentication technique is mainly divided into two categories, namely, Data authentication and Entity authentication Data Authentication Data authentication is a process by which the validity of a document and authenticity of the sender are confirmed. [...]
[...] Efficiency: The authentication phase of the scheme has two stages of computation. The user sends the login request which involves only one elliptic curve point addition and one Map-to-Point operations. The verification of login request requires one elliptic curve point scalar multiplication and one Map-to-Point operation. Thus, the total cost of a successful login requires one elliptic curve point scalar multiplication, one elliptic curve point addition and two Map-to-Point operations. We note that the elliptic curve point multiplication is executed at RS that removes the burden of high computation requirements in a smart card. [...]
[...] Impersonation Attack: An adversary may impersonate user login by forging a login request and acts as a legitimate user by logging in to the server A Scheme based on Elliptic Curve Arithmetic We observe that most of the remote systems authentication schemes provide only one-way authentication, that is, only remote system can check the authenticity of a user. The user cannot check whether he is communicating with the correct server. It is a vital gap for the scenario where a potential adversary can spoof the RS and gets valuable information from users. [...]
[...] Authentication Phase: This phase is executed every time when a user wants to login the RS. The phase is further divided into user authentication and RS authentication phases. In user authentication phase, user sends a login request to RS and RS validates the request. In RS authentication phase, RS sends a response to the user and the user validates the response. User Authentication: The user Ui attaches the smart card to a terminal and enters his IDi and PWi which are verified by the smart card. [...]
[...] Stolen-verifier attack on two new strong- password authentication protocols. IEICE Transactions on Communications Vol. E58-B, No.11,pp.2519– - National Institute of Standards and Technology. Digital Signature Standard FIPS Publication 186 M. L. Das, A. Saxena and V. P. Gulati, A dynamic ID-based remote user authentication scheme. IEEE Transactions on Consumer Electronics, Vol.50, No.2, pp.629– -W. Diffie and M. E. Hellman. New directions in cryptography. IEEE Transactions on Information Theory, Vol. IT-22, pp. 644- -T. ElGamal. A public key cryptosystem and a signature scheme based on discrete logarithms. [...]
APA Style reference
For your bibliographyOnline reading
with our online readerContent validated
by our reading committee
