A robust password-based remote user authentication scheme using bilinear pairings without using smart cards

Abstract

With the rapid growth of Internet services, remote user authentication becomes an important issue for the security of accessing the remote server's sources. Since Das et al. (2006) first proposed a novel ID-based remote user authentication scheme using bilinear pairings, the password-based remote user authentication schemes using bilinear pairings with smart cards are proposed successively to enhance the system security. With the popularity of various portable memory devices such as USB stick, cell phone and PDA, remote user authentication using them motivate our study. The existing user authentication scheme using bilinear pairing cannot be applied to that using portable memory devices lacking for tamper-resistance techniques. In this paper, we propose a robust ID-based remote user authentication scheme on bilinear pairing w ith ou t using smart cards. Ou r sch eme in volves one-time password authentication to enhance the security of user's password. Security analysis shows that our scheme retains the merits of robust remote user authentication using smart cards but offers nice properties such as user's identity protection and perfect forward secrecy. Performance and functionality comparisons of other scheme prove that the proposed scheme is well suited to portable memory devices with limited computing capability.