A Novel High-Efficiency Password Authentication and Key Agreement Protocol for Mobile Client-Server

Abstract

With the development of wireless technology, people increasingly rely on mobile devices. Since most mobile devices transmit sensitive information via insecure public channels, it is important to design multiauthentication key agreement protocols for security protection. Traditional scholars tend to use traditional public-key cryptosystems (PKCs) in their protocols to improve security. High-cost operations (e.g., elliptic curve point multiplication and bilinear pairing) were widely used in their scheme but were not suitable for mobile devices because of limited computing resources. In this study, we designed a novel high-efficiency multiauthentication and key agreement protocol and demonstrate its security in the random oracle model. Compared with other protocols, our proposed scheme only uses string concatenation operations, one-way hash functions, and XOR operations. In addition, our protocol requires much fewer computing resources to achieve the same level of security.