
[IEEE 2012 IEEE Students' Conference on Electrical, Electronics and Computer Science (SCEECS) - Bhopal, India (2012.03.1-2012.03.2)] 2012 IEEE Students' Conference on Electrical, Electronics


2012 IEEE Students’ Conference on Electrical, Electronics and Computer Science

978-1-4673-1515-9/12/$31.00 ©2012 IEEE

An Efficient Smart card based Remote User Authentication Scheme using Hash Function

Swarn Sanjay Sonwanshi, Research Scholar, Computer Science & Engineering, Samrat Ashok Technological Institute, Vidisha (M. P.) 464001 India

Ram Ratan Ahirwal, Assistant Professor, Computer Science & Engineering, Samrat Ashok Technological Institute, Vidisha (M. P.) 464001 India

Yogendra Kumar Jain, Head of the Department, Computer Science & Engineering, Samrat Ashok Technological Institute, Vidisha (M. P.) 464001 India

Abstract— Remote user authentication is a way to restrict access to only those users who are legitimate for remote access. The authentication mechanism is a cryptographic technique to protect a network system against unauthorized access. Recently, more efficient ID-based and password authentication schemes have been proposed by H.T. Liaw, Wang, Xu and R. Song; however, Liaw's and Wang's schemes are vulnerable to the offline password attack, the server masquerade attack and the parallel session attack. Xu's scheme is vulnerable to an impersonation attack, and R. Song's scheme is vulnerable to the insider attack, lacks perfect forward security for session keys and is vulnerable to the denial-of-service attack. In 2010 S.K. Sood proposed an improvement of Liao et al.'s scheme. However, this scheme does not provide mutual authentication and maintains a database for verification of the legitimate user. In this paper, we analyze a few attacks and finally propose an efficient smart card based remote user authentication scheme. The proposed scheme resists most of the currently possible attacks and provides the essential security requirements.

Keywords- Smart card, remote user authentication, cryptanalysis attacks, hash function, network security, mutual authentication, session key

I. INTRODUCTION

In today's insecure network environments, communicating securely through an open network is one of the common necessities. Many client-server applications need security, and cryptography is one of the primary tools for providing better security. The primary goals or aspects of security are data confidentiality, data integrity, authentication and non-repudiation/accountability. These can be used to thwart numerous types of network-based attacks, including eavesdropping, IP spoofing, connection hijacking and tampering.

A remote user authentication scheme is a simple, widely accepted and widely adopted mechanism because of its low cost, user friendliness and simple implementation. Used together with smart card based authentication, it provides a further security enhancement. The smart card takes the identity and password as input and generates a login request to the server. The server verifies whether the user is legitimate or not by comparing against data stored in the server administration. The primary goal of the smart card based user authentication scheme is to verify that a valid card holder has the rights and privileges indicated by the issuer of the card.

A scheme should avoid storing the password in a server verification table and sending it in plain text over the insecure network system, because the verification table is at risk of being modified by an adversary, the size of the password verification table is directly proportional to the number of users, and managing a huge table increases the load on the server. Recently, many schemes have been proposed for secure authentication. These schemes use one-way functions and cryptographic algorithms such as RSA, DES and elliptic curves [18]. But none of them can solve all possible problems, meet all necessary requirements and withstand all possible attacks.

The main motive of our proposed scheme is to make a better and more secure remote user authentication scheme with smart cards in a public open network, because the current open network is vulnerable to various attacks such as denial-of-service attacks, forgery attacks, insider attacks, password guessing, parallel session attacks, server spoofing, forward security, replay attacks and stolen verifier attacks. The scheme must fulfill the essential requirements: it does not use password verification tables, and the password can be chosen and changed freely by the user. The scheme must be efficient and practical. The login request should change dynamically for each login session to avoid partial information leakage about the user's login message. The scheme must provide a mutual authentication process. A session key is established during the authentication process to provide confidentiality of communication. In case the server secret key is leaked or stolen, the proposed scheme is still secure.

In this paper, we propose a secure smart card based remote user authentication scheme; we use a one-way hash function and the exclusive OR operation to develop our scheme. A hash function must be able to withstand all known types of attack. The one-way hash function protects the most important values, such as the identity, the password and the server secret key. It is computationally infeasible to reverse. Our proposed scheme satisfies all necessary requirements and withstands the various possible attacks.

The rest of this paper is organized as follows: Section 2 reviews related works and their drawbacks; we describe our proposed scheme in Section 3 and the security analysis of our proposed scheme in Section 4. In Section 5 we compare the performance and efficiency of our proposed scheme with the other related schemes, and finally we conclude the paper in Section 6.

II. RELATED SCHEME AND ITS WEAKNESS

In 2000, Hwang and Li [1] proposed a remote user authentication scheme using smart cards based on ElGamal's public key scheme. This scheme withstands the replay attack by using a time stamp T in the login message. In 2000, Kwong and Cheng [3] cryptanalyzed the Hwang and Li [1] scheme and found that it does not resist the impersonation attack: a legitimate user can impersonate another valid user and use his ID and PW without knowing the secret key. So this scheme is not suitable for secure remote authentication.

In 2004, M.L. Das [4] proposed a dynamic ID-based remote user authentication scheme. This scheme uses a one-way hash function to protect the secret information and a symmetric encryption function to encrypt the messages. But G. Giri [7] showed that Das's scheme is vulnerable to the offline/online password guessing attack and has a weak password change phase. Later, Rafael M. [16] pointed out that Das's scheme is not secure against the insider attack, the masquerade attack and the server spoofing attack. In Das's scheme, if the attacker is a legal user, he can extract the secret key h (x) from Ai in the smart card. Once he obtains the secret key h (x), he tries to get other legitimate users' PW and also masquerades as a legal user.

In 2005, Yoon and Yoo [5] pointed out that in Hwang's scheme [2] the previously generated secret hash values of users are insecure if the secret key is leaked or stolen. They further presented an improvement of Hwang and Lee's [2] remote user authentication scheme to resolve this weakness. But in 2009 Ou and H. Kai [8] claimed that Yoon and Yoo's scheme has several serious security flaws. They showed that an adversary can impersonate a legal user: he takes the received Ci = h (Bi, T) from the user's login request, computes a false Ci' = h (Vi, T), modifies the login message to (ID, Ci', T) and sends it to the server.

In 2006, H.T. Liaw [6] presented an efficient and complete remote user authentication scheme using smart cards. This scheme adds one new phase, the session phase, which encrypts the individual private message with a short-term session key. Liaw's scheme depends on a secure one-way hash function and generates a random nonce. But in 2009, H. Kai and Ou Qingyu [9] demonstrated several security flaws in Liaw et al.'s scheme [6]. This scheme is vulnerable to the offline password guessing attack and the impersonation attack. The adversary can obtain the secret information stored in the user's smart card by monitoring the power consumption or by analyzing the leaked information. Moreover, this scheme is also insecure against the intruder-in-the-middle and the denial-of-service attack.

In 2009, Wang et al. [10] proposed a dynamic ID-based remote user authentication scheme, which is vulnerable to the password guessing attack and the server masquerade attack. In 2009 Zhuo Hao and Yu [11] pointed out that Wang's scheme is not suitable for secure remote authentication if a legal user acts as an adversary and gets the secret information from his smart card by power analysis. Since the adversary knows his own ID and PW, he computes Z = Ni ⊕ h (PW) ⊕ ID = h (X). Once the adversary gets h (X), he gains the ability to perform the authentication phase with other users by masquerading as the server.

In 2009, Xu et al. [12] proposed a password authentication scheme using non-tamper-resistant smart cards based on costly modular exponentiations. However, in 2010, R. Song [13] demonstrated that Xu's scheme is vulnerable to the user impersonation attack and presented a new and more efficient advanced smart card based password authentication protocol based on symmetric-key cryptosystems and modular exponentiation.

In 2010, W.B. Horng and Lee [15] demonstrated that R. Song's scheme has several serious security flaws. In R. Song's scheme [13], if an adversary has retrieved the secret information stored in the user's smart card and has intercepted one of the previous session messages. R. Song's scheme is also vulnerable to the insider attack, lacks perfect forward security for session keys, and does not protect user anonymity to preserve user privacy. Moreover, in 2010 S. K. Sood, Sarje and K. Singh [14] proposed an improvement of Liao et al.'s authentication scheme using smart cards and claimed that the proposed scheme is secure against most possible attacks. However, S.K. Sood's scheme does not provide mutual authentication and maintains a database to verify the legitimate user.

In 2011, Chun-Ta Li and Cheng-Chi Lee [17] presented a robust remote user authentication scheme using smart cards. They claim that their proposed scheme provides a better authentication process and resistance to all possible attacks. But this scheme does not provide security against the denial-of-service attack.

In this paper, our proposed scheme inherits the merits of different identity and password based remote authentication schemes and resolves the aforementioned problems.

III. OUR PROPOSED SCHEME

In this section, we present a smart card based secure remote user authentication scheme. In the proposed scheme we use a one-way hash function and the bitwise exclusive OR operation. This scheme has four phases: 1- Registration phase, 2- Login phase, 3- Authentication phase, 4- Password change phase. The notations used in the proposed scheme and the phases are described below.

The Notations

Ui - Remote user
Si - Remote server
IDi - Identity of user
PWi - Password chosen by user
X - Permanent secret key
h (.) - One-way function
⊕ - Bitwise XOR operation
|| - Concatenation

A. Registration Phase- In the registration phase, user Ui submits his/her identity IDi and password PWi to server Si via a secure channel to register himself/herself. Before sending this information, the registration authority computes h (PWi) from PWi and sends IDi and h (PWi) as a registration request to the server Si. Upon receiving the registration request from user Ui, the server Si computes two parameters Ai, Bi related to the request:

Ai = h (X || IDi)
Bi = Ai ⊕ h (IDi || h (PWi))

The server stores some of them in the smart card memory and issues this smart card to user Ui. The smart card is delivered to user Ui through a secure channel.

B. Login Phase- When a user Ui wants to access some service on the remote server Si, this phase provides a secure login request to server Si. User Ui inserts the smart card into a card reader and keys in IDi* and PWi*. The card reader computes

Bi* = Ai ⊕ h (IDi* || h (PWi*))

and checks whether Bi (stored in the smart card memory) and Bi* are equal. If not, it terminates the login process, which has to be started again.

[Figure: message flow of the proposed scheme between User Ui and Server Si]

Registration Phase
  User Ui: Select IDi and PWi; compute IDi, h (PWi)
  User Ui -> Server Si: (IDi, h (PWi))
  Server Si: Compute Ai = h (X || IDi), Bi = Ai ⊕ h (IDi || h (PWi))
  Server Si -> User's smart card: Store {Ai, Bi, h (•)} into smart card

Login and Verification Phase
  User Ui: Input IDi* and PWi*; Bi* = Ai ⊕ h (IDi* || h (PWi*)); verify Bi = Bi*
  User Ui: Compute Cid = h (PWi*) ⊕ h (Ai || Tu), Ei = h (Bi || Cid || Tu)
  User Ui -> Server Si: (IDi, Cid, Ei, Tu)
  Server Si: Check Tu' - Tu ≤ ΔT
  Server Si: Ai = h (X || IDi), h (PWi*) = Cid ⊕ h (Ai || Tu), Bi* = Ai ⊕ h (ID || h (PWi*))
  Server Si: Ei* = h (Bi* || Cid || Tu); verify Ei = Ei*
  Server Si: Compute Fs = h (Ai* || Bi* || Ts)

Mutual Authentication
  Server Si -> User Ui: (Fs, Ts)
  User Ui: Check Ts' - Ts ≤ ΔT; Fi* = h (Ai || Bi || Ts); verify Fi = Fi*

Session Key Agreement
  Sk = h (Ai || Tu || Ts || Bi)

Otherwise, user Ui is the legitimate card holder. The card reader then takes the current time stamp Tu and computes

Cid = h (PWi*) ⊕ h (Ai || Tu)
Ei = h (Bi || Cid || Tu)

and sends the login request message {IDi, Cid, Ei, Tu} to the remote server Si.

C. Authentication Phase- After receiving the login request message {IDi, Cid, Ei, Tu}, the server Si verifies the format of the message and IDi and the validity of the time delay between Tu' and Tu, where Tu' is the travel time of the message:

Tu' - Tu ≤ ΔT

where ΔT denotes the expected valid time interval for transmission delay. If the server Si is satisfied with the format, it goes on to the next step; otherwise the server Si rejects the login request. Server Si computes

Ai* = h (X || IDi)
h (PWi*) = Cid ⊕ h (Ai* || Tu)
Bi* = Ai* ⊕ h (IDi || h (PWi*))

and computes

Ei* = h (Bi* || Cid* || Tu)

It checks whether Ei and Ei* are equal. If they are not, server Si rejects the login request. If they are equal, server Si computes Fi for mutual authentication:

Fi = h (Ai* || Bi* || Ts), where Ts is the current time of the server

and sends this acknowledgement message {Fi, Ts} to user Ui.

Upon receiving this acknowledgement message, the smart card performs the following computation:

Fi* = h (Ai || Bi || Ts)

and verifies whether Fi and Fi* are the same. If they are, the mutual authentication procedure is done. Finally, the server Si and the smart card reader of Ui compute a common session key Sk, which is shared by both user Ui and server Si:

Sk = h (Ai || Tu || Ts || Bi)

Otherwise, the login phase is terminated.

D. Password Change Phase- This phase lets the user Ui update the password. If user Ui wants to change his/her password from PWi to PWnew, user Ui inserts the smart card into the card reader and keys in his/her IDi and PWi. The card reader checks whether Bi and Bi* are equal. If they are, user Ui is the legitimate bearer of the smart card. The card reader asks user Ui to enter the new password PWnew and then performs the following operation:

Bi* = Ai ⊕ h (IDi* || h (PWnew))

and replaces Bi with Bi* in the smart card memory.
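The four phases above as a runnable sketch, added here as an example and not the authors' code: it carries one login through both sides' messages and shows the reject paths. SHA-1 stands in for h (.) as Section V states; the 5-second ΔT, the fixed-width byte encodings used for || (32-bit identity, 40-bit timestamp), the sample key and passwords, and all class and function names are assumptions.

```python
import hashlib
import hmac

DELTA_T = 5  # assumed ΔT in seconds; the paper does not fix a value

def h(*parts: bytes) -> bytes:
    """h(.) over p1 || p2 || ...; SHA-1 as named in Section V."""
    return hashlib.sha1(b"".join(parts)).digest()

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def ts40(t: int) -> bytes:
    return t.to_bytes(5, "big")  # 40-bit timestamp, the width given in Section V

def fresh(stamp: bytes, now: int) -> bool:
    return 0 <= now - int.from_bytes(stamp, "big") <= DELTA_T

class Card:
    def __init__(self, a: bytes, b: bytes):
        self.a, self.b = a, b  # card memory {Ai, Bi}

    def holder_ok(self, id_i: bytes, pw: bytes) -> bool:
        # Bi* = Ai xor h(IDi* || h(PWi*)) must equal the stored Bi
        return hmac.compare_digest(xor(self.a, h(id_i, h(pw))), self.b)

    def login(self, id_i: bytes, pw: bytes, now: int):
        if not self.holder_ok(id_i, pw):
            return None  # wrong ID/password: no request leaves the reader
        tu = ts40(now)
        cid = xor(h(pw), h(self.a, tu))             # Cid = h(PWi*) xor h(Ai || Tu)
        return (id_i, cid, h(self.b, cid, tu), tu)  # {IDi, Cid, Ei, Tu}

    def finish(self, msg, ack, now: int):
        f, ts = ack
        if not fresh(ts, now) or not hmac.compare_digest(h(self.a, self.b, ts), f):
            return None  # Fi* != Fi or stale Ts: server not authenticated
        return h(self.a, msg[3], ts, self.b)        # Sk = h(Ai || Tu || Ts || Bi)

    def change_password(self, id_i: bytes, pw: bytes, new_pw: bytes) -> bool:
        if not self.holder_ok(id_i, pw):
            return False
        self.b = xor(self.a, h(id_i, h(new_pw)))    # replace Bi in card memory
        return True

class Server:
    def __init__(self, x: bytes):
        self.x = x  # permanent secret key X, the only value the server keeps

    def register(self, id_i: bytes, h_pw: bytes) -> Card:
        a = h(self.x, id_i)                         # Ai = h(X || IDi)
        return Card(a, xor(a, h(id_i, h_pw)))       # Bi = Ai xor h(IDi || h(PWi))

    def authenticate(self, msg, now: int):
        id_i, cid, e, tu = msg
        if not fresh(tu, now):
            return None  # Tu' - Tu outside ΔT
        a = h(self.x, id_i)
        h_pw = xor(cid, h(a, tu))                   # h(PWi*) = Cid xor h(Ai* || Tu)
        b = xor(a, h(id_i, h_pw))
        if not hmac.compare_digest(h(b, cid, tu), e):
            return None  # Ei* != Ei
        ts = ts40(now)
        return (h(a, b, ts), ts), h(a, tu, ts, b)   # ack {Fi, Ts} and Sk

if __name__ == "__main__":
    server = Server(b"constructed-secret-X")        # constructed sample values
    uid = (7).to_bytes(4, "big")                    # 32-bit identity
    card = server.register(uid, h(b"old-pw"))
    msg = card.login(uid, b"old-pw", now=1000)
    ack, sk = server.authenticate(msg, now=1001)
    print("session keys match:", card.finish(msg, ack, now=1002) == sk)
```

Timestamps are passed in as integers so the freshness checks can be exercised deterministically; a deployment would read them from a clock.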

IV. SECURITY ANALYSIS OF PROPOSED SCHEME

In this section, we discuss the security analysis of our proposed scheme against various known attacks. We assume all the unaccepted conditions in order to analyse our scheme. The security analysis of our proposed scheme is as follows.

1. Protection against denial-of-service attacks-

In these attacks, an adversary uses a wrong identity IDi and password PWi and wants to send invalid login request messages continuously to keep the server busy. In our proposed scheme, he cannot send an invalid login request message, because in the login phase the card reader checks the valid IDi and PWi of the card holder before taking the next steps:

Bi* = Ai ⊕ h (IDi || h (PWi))
Checks Bi = Bi* (Bi stored in user's smart card memory)

Therefore, our proposed scheme is protected from denial-of-service.

Figure 1. The Proposed Scheme

2. Resistance to Offline password guessing attack-

In our proposed scheme, suppose an adversary gets the user's smart card and finds out the values (Ai, Bi). But he cannot compute the hash values

Ai = h (X || ID)
Bi = Ai ⊕ h (IDi || PWi)

These hash values do not reveal the secret information. Also assume that an adversary obtains all communication messages such as {ID, Cid, Ei, Tu}, {Fi, Ts}. He wants to derive the secret information (X and PWi) to find out Ai and Bi from the intercepted messages. He must fail, because the secret key X and the password PWi are protected by the one-way hash function:

Cid = h (PWi) ⊕ h (A || Tu)
Ei = h (Bi || Cid || Tu)
Fi = h (Ai || B || Ts)

Therefore, the proposed scheme is secure against offline password attacks.

3. Resistance to impersonation attacks-

An illegal user may try to modify a login request message {ID, Cid, Ei, Tu} into {ID, Cid*, Ei*, Tu*}. However, such a modification will fail in the authentication and session key agreement phase, because he has no way of obtaining the values of Ai and Bi and the secret key X to compute the valid parameters

Cid = h (PWi) ⊕ h (A || Tu), Ei = h (Bi || Cid || Tu)

with time stamp Tu.

Therefore, our proposed scheme is secure against impersonation attacks.

4. Resistance to Replay Attacks-

Suppose an adversary replays a previous login request message (ID, Cid, Ei, Tu) within the valid time window. He cannot respond to the next acknowledgement message {Fs, Ts} without knowing the values of Ai and Bi. Therefore, our proposed scheme is secure against replay attacks.

5. Resistance to Attack on server secret key-

Suppose a privileged insider (system manager) leaks the server secret key publicly. No attack can succeed in finding out IDi and PWi from the login request message (ID, Cid, Ei, Tu) and the user's smart card memory {Ai, Bi, h (.)}:

Cid = h (PWi) ⊕ h (A || Tu)
Ei = h (Bi || Cid || Tu)
Ai = h (X || ID)
Bi = Ai ⊕ h (IDi || PWi)

because these values are coded with the one-way hash function.

6. Resistance to Parallel Session attacks-

Suppose the adversary intercepts the acknowledgement message {Fs, Tu}, Fi = h (Ai || B || Ts). He cannot use Fs to create a valid login request message {IDi, Cid, Ei, Tu} at Tu. Fs does not contain any information to construct a valid login request message. Hence our scheme is secure against parallel session attacks.

7. Stolen smart card Attacks-

Suppose a user's smart card is lost and stolen by the attacker. The attacker cannot use this card without knowing the valid IDi and PWi. Even if he can extract the secret information {Ai, Bi, h (.)} stored in the smart card memory,

Ai = h (X || ID)
Bi = Ai ⊕ h (IDi || PWi)

it is not possible to guess the valid IDi and PWi at the same time. Therefore, our proposed scheme is secure against stolen smart card attacks.

V. PERFORMANCE ANALYSIS

The performance of the proposed scheme is analysed in terms of storage capacity and communication cost. The computation costs focus on the registration, login and authentication phases. In our proposed scheme, we use a lightweight hash function and the exclusive OR operation, which usually have a very low computation cost. The time complexity associated with the three different operations can be expressed as

Exclusive OR << Hash function < modular exponential

We use SHA-1 to implement our scheme. The output size of each hash value of secret information is 160 bits, time stamps are 40 bits long, and the identity is 32 bits long. So the user's smart card memory needs 320 (2*160) bits and the server requires only 160 bits to store the secret key X. The communication cost is defined as the total time of the various operations executed in the registration, login and authentication phases. The communication cost of the proposed scheme is (6*160) bits using SHA-1.

Moreover, the efficiency of the proposed scheme compared with the relevant authentication schemes is very high, because the proposed scheme can withstand all possible attacks.

VI. CONCLUSION

This paper points out that the schemes proposed by M.S. Hwang and Lee [1], M.L. Das [4], Yoon and Yoo [5], H.T. Liaw [6], Y. Wang [10], Zhuo Hao [11] and R. Song [13] are not secure enough against the same weaknesses. We showed that their schemes are vulnerable to denial-of-service attacks, forgery attacks, insider attacks, password guessing, parallel session attacks, server spoofing, forward security, replay attacks and stolen verifier attacks. To meet all necessary requirements and withstand the various aforementioned attacks, we presented our proposed secure smart card based remote authentication scheme in Section 3. Our proposed scheme resists most currently possible attacks, as shown in the security analysis in Section 4. Section 5 shows the performance analysis of our scheme in terms of computation cost and storage capacity.

In future, we invite more secure and efficient authentication schemes using smart cards, whose computational cost is very low and which resist all possible attacks.

REFERENCES

[1] M.S. Hwang and L.H. Li, "A new remote user authentication scheme using smart card," IEEE Transactions on Consumer Electronics, vol. 40, no. 1, 2000, pp. 28-30.

[2] M.S. Hwang, C.C. Lee, and Y.L. Tang, "A simple remote user authentication scheme," Mathematical and Computer Modeling, 36, pp. 103–107, 2002.

[3] Chi-Kwong and Cheng, "Cryptanalysis of a remote user authentication scheme using smart card," IEEE Transactions on Consumer Electronics, vol. 46, no. 4, 11, 2000.

[4] M.L. Das, A. Saxena and V.P. Gulati, "A dynamic ID-based remote user authentication scheme," IEEE Transactions on Consumer Electronics, vol. 50, 2004, pp. 629-631.

[5] E. Yoon and Yoo, "More efficient and secure remote user authentication scheme using smart card," in Proceedings of the 11th International Conference on Parallel and Distributed Systems, 2005, pp. 73-77.

[6] H.T. Liaw, F. Lin, and W.C. Wu, "An efficient and complete remote user authentication scheme using smart cards," Math. Computer Model, Elsevier, vol. 44, no. 1-2, pp. 223-228, 2006.

[7] Debasis Giri and P.D. Srivastava, "Cryptanalysis and improvement of a remote user authentication scheme using smart card," ISECS 2008, IEEE 978-0-7695-3258-5/08, 2008.

[8] Huang Kai, Ou Qingyu, "Cryptanalysis of a remote user authentication scheme," IEEE 978-1-4244-3693-4/09, 2009.

[9] Ou Qingyu, Huang Kai, "Cryptanalysis and improvement of a remote user authentication scheme," IEEE 978-0-7695-3804-4/09, 2009.

[10] Y. Wang, J. Liu, F. Xiao, and J. Dan, "A more efficient and secure dynamic ID-based remote user authentication scheme," Comput. Commun., vol. 32, no. 4, pp. 583–585, 2009.

[11] Zhuo Hao, Nenghai Yu, "A security enhanced remote user authentication scheme using smart card," International Symp. on Data, Privacy, and E-Commerce (ISDPE), IEEE 978-0-7695-4203-4/10, 2010.

[12] J. Xu, W.-T. Zhu and D.G. Feng, "An improved smart card based password authentication scheme with provable security," Computer Standards & Interfaces, vol. 31, no. 4, pp. 723–728, 2009.

[13] R. Song, "Advanced smart card based password authentication protocol," Computer Standards & Interfaces, vol. 32, no. 4, June 2010, pp. 321-325.

[14] Sandeep K. Sood, Anil K. Sarje and Kuldip Singh, "Secure dynamic identity-based remote user authentication scheme," Distributed Computing and Internet Technology, Lecture Notes in Computer Science, vol. 5966, 2010, pp. 224-235.

[15] W.B. Horng and Cheng P. Lee, "Security weaknesses of Song's advanced smart card based password authentication protocol," IEEE Trans. Computer, vol. 978-4244-6789 1/10, 2010.

[16] Rafael M., F. Rico-Novella, "Improvement of the dynamic ID-based remote user authentication scheme," IEEE 978-0-9564263-8/03, 2010.

[17] Chun-Ta Li and Cheng-Chi Lee, "A robust remote user authentication scheme using smart card," Information Technology and Control, vol. 40, no. 3, 2011.

[18] William Stallings, Cryptography and Network Security, 4/E, Prentice Hall.