Abstract
Nowadays users can access various online services and resources from distributed information systems remotely via Internet or other public networks. However, remote online systems are vulnerable to many security attacks due to they are built on public networks. Therefore it is necessary to design an authentication scheme for securing network communications between a login user and a remote server. In 2016, Han et al. proposed a secure three-factor authentication scheme based on elliptic curve cryptography (ECC) to achieve this goal. Unfortunately, we analyzed Han et al.’s scheme and demonstrated that their authentication scheme cannot satisfactory to be implemented in practice because it fails to ensure the property of unlinkability between the login user and the remote server and is unable to withstand account duplication attack. In this paper, we suggest an enhanced anonymous authentication scheme to repair the security flaws in Han et al.’s scheme. We give the security analysis and performance evaluation to demonstrate that the proposed scheme not only resists the aforementioned security weaknesses on Han et al.’s scheme but also inherits the functionality merits and performance efficiencies of their authentication scheme.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
