Based on mobile devices limitations, several user authentications and key exchange schemes have been proposed for mobile devices using identity-based public key cryptography (ID-PKC). However, these schemes suffer from key escrow problem. Moreover, they are not secure against impersonation attacks, and they can’t achieve perfect forward secrecy. In this paper, a new user authentication and key exchange protocol for the mobile client-server environment is proposed. Certificateless public key cryptography (CL-PKC) and bilinear pairing are adopted in the proposed scheme. Our protocol solves the key escrow problem of identity-based public key cryptography. Also, it is secure against both adversaries type I and type II. Furthermore, the proposed protocol achieves perfect forward secrecy. We prove the security of our protocol in the random oracle model under the Computational Diffie-Hellman (CDH) problem. Hence, the proposed scheme is more suitable for the mobile devices environments.
CITATION STYLE
Hassan, A., Eltayieb, N., Elhabob, R., & Li, F. (2018). A provably secure certificateless user authentication protocol for mobile client-server environment. In Lecture Notes on Data Engineering and Communications Technologies (Vol. 6, pp. 592–602). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-319-59463-7_59
Mendeley helps you to discover research relevant for your work.