Abstract
Secure and efficient mutual authentication and key agreement schemes form the basis for any robust network communication system. Elliptic Curve Cryptography (ECC) has emerged as one of the most successful Public Key Cryptosystem that efficiently meets all the security challenges. Comparison of ECC with other Public Key Cryptosystems (RSA, Rabin, ElGamal) shows that it provides equal level of security for a far smaller bit size, thereby substantially reducing the processing overhead. This makes it suitable for constrained environments like wireless networks and mobile devices as well as for security sensitive applications like electronic banking, financial transactions and smart grids. With the successful implementation of ECC in security applications (e-passports, e-IDs, embedded systems), it is getting widely commercialized. ECC is simple and faster and is therefore emerging as an attractive alternative for providing security in lightweight device, which contributes to its popularity in the present scenario. In this paper, we have analyzed some of the recent password based authentication and key agreement schemes using ECC for various environments. Furthermore, we have carried out security, functionality and performance comparisons of these schemes and found that they are unable to satisfy their claimed security goals.
Highlights
With the rapid growth of internet and wireless communication network, users can use the services of remote server anytime and anywhere
Various schemes based on password, biometric, smart card, dynamic-id or a combination of these have been proposed for remote user authentication
They studied the flaws of Lin and Hwang scheme [3] and found that it is susceptible to insider attack, stolen verifier attack, impersonation attack, many logged-in users attack, known session specific temporary information attack and proposed a secure password authentication and update scheme based on Elliptic Curve Cryptography (ECC)
Summary
With the rapid growth of internet and wireless communication network, users can use the services of remote server anytime and anywhere. This paper is organized as follows: In Section II, survey of recent ECC based password authentication and update schemes for smart cards has been done. A number of password, biometric [30,31], dynamic-id [27,28,29] based authentication and update schemes have been proposed for smart cards [6] [9][12][14][16][23,24,25,26][31], mobile devices [15][17,18,19,20,21,22,23], smart grids, etc; it is practically impossible to conduct a survey of all such schemes
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: Journal of Technology Management for Growing Economies
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
