• KSII Transactions on Internet and Information Systems
    Monthly Online Journal (eISSN: 1976-7277)

An Improved Lightweight Two-Factor Authentication and Key Agreement Protocol with Dynamic Identity Based on Elliptic Curve Cryptography

Vol. 13, No. 2, February 27, 2019
10.3837/tiis.2019.02.027, Download Paper (Free):

Abstract

With the rapid development of the Internet of Things, the problem of privacy protection has been paid great attention. Recently, Nikooghadam et al. pointed out that Kumari et al.’s protocol can neither resist off-line guessing attack nor preserve user anonymity. Moreover, the authors also proposed an authentication supportive session initial protocol, claiming to resist various vulnerability attacks. Unfortunately, this paper proves that the authentication protocols of Kumari et al. and Nikooghadam et al. have neither the ability to preserve perfect forward secrecy nor the ability to resist key-compromise impersonation attack. In order to remedy such flaws in their protocols, we design a lightweight authentication protocol using elliptic curve cryptography. By way of informal security analysis, it is shown that the proposed protocol can both resist a variety of attacks and provide more security. Afterward, it is also proved that the protocol is resistant against active and passive attacks under Dolev-Yao model by means of Burrows-Abadi-Needham logic (BAN-Logic), and fulfills mutual authentication using Automated Validation of Internet Security Protocols and Applications (AVISPA) software. Subsequently, we compare the protocol with the related scheme in terms of computational complexity and security. The comparative analytics witness that the proposed protocol is more suitable for practical application scenarios.


Statistics

Show / Hide Statistics

Statistics (Cumulative Counts from December 1st, 2015)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.


Cite this article

[IEEE Style]
S. Qiu, G. Xu, H. Ahmad, G. Xu, X. Qiu, H. Xu, "An Improved Lightweight Two-Factor Authentication and Key Agreement Protocol with Dynamic Identity Based on Elliptic Curve Cryptography," KSII Transactions on Internet and Information Systems, vol. 13, no. 2, pp. 978-1002, 2019. DOI: 10.3837/tiis.2019.02.027.

[ACM Style]
Shuming Qiu, Guosheng Xu, Haseeb Ahmad, Guoai Xu, Xinping Qiu, and Hong Xu. 2019. An Improved Lightweight Two-Factor Authentication and Key Agreement Protocol with Dynamic Identity Based on Elliptic Curve Cryptography. KSII Transactions on Internet and Information Systems, 13, 2, (2019), 978-1002. DOI: 10.3837/tiis.2019.02.027.

[BibTeX Style]
@article{tiis:22017, title="An Improved Lightweight Two-Factor Authentication and Key Agreement Protocol with Dynamic Identity Based on Elliptic Curve Cryptography", author="Shuming Qiu and Guosheng Xu and Haseeb Ahmad and Guoai Xu and Xinping Qiu and Hong Xu and ", journal="KSII Transactions on Internet and Information Systems", DOI={10.3837/tiis.2019.02.027}, volume={13}, number={2}, year="2019", month={February}, pages={978-1002}}