Nova Scientia (Oct 2016)

Dynamic ID-based remote user authentication scheme using ElGamal encryption system

  • Rafael Martínez Peláez,
  • Yesica Imelda Saavedra Benítez,
  • Pablo Velarde Alvarado,
  • Jacek Pomykala

DOI
https://doi.org/10.21640/ns.v8i17.673
Journal volume & issue
Vol. 8, no. 17

Abstract

Read online

We propose a new dynamic ID-based remote user authentication scheme using smart cards, which it is based on one-way hash function, ElGamal’s public key cryptosystem and nonce. The scheme achieves the following security requirements: 1) users can choose and change their password freely, 2) mutual authentication between the user and the server, 3) the user and the server establish a session key after successful authentication process, 4) the server does not maintain a verification table, 5) the login request message does not contain the user’s identity, and 6) the authentication phase does not require time-synchronization, making it more secure than previous schemes. In order to verify the security characteristics of our protocol, we have modelled and analysed the proposal using High-level Protocol Specification Language (HLPSL) and Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. The results demonstrate that our protocol achieves more security requirements than previous works.

Keywords