International Journal of Engineering Trends and Technology (IJETT) – Volume 29 Number 3 - November 2015
Improved Mutual Authentication with Key Agreement
Scheme for Mobile Client-Server Environment
Chaitanya Nadikatla1, Ramesh Kumar Behara2
1
Final M.Tech Student, Asst.professo2
1,2Dept of CSE, Sarada Institute of Science, Technology And Management(SISTAM),
Srikakulam, Andhra Pradesh,India
Abstract. Now a day’s mobile networks are rapid
development by performing the e-commerce transaction such as online shopping, internet banking and
e- payment. To promise secure communication while
doing transactions, mutual authentication along with
key agreement schemes are inspiring and also turning to be important. These schemes can be constructed from normal passwords, traditional public
key cryptography, and also using identity-based
cryptography. In this context, an identity based mutual authentication mechanism with key agreement
schemes based on powerful elliptic curve cryptography are preferable solutions. This paper proposes a
secure and efficiency identity-based mutual authentication with key agreement scheme for mobile
client-server environment. As aiming to provide secure communication, authentication and key agreement is important issue in the mobile networks.
Hence, schemes for authentication and key agreement have been studied widely. So that to provide
efficient and more secure techniques is necessary. In
this paper we are proposed random prime order key
agreement protocol proposed for authentication and
key agreement. Another technique is used to provide
security of transferred data using key xor data
transpose technique. By using this technique, we
provide more security and more efficiency for transferring data.
Keywords: Key Agreement Scheme, Identity Based
Authentication, and Mobile Security
1. Introduction
During secure communication, authentication should
be performed to protect users and a secret session
key should be established for confidentiality. As the
development of cryptography, schemes for authentication and key agreement develop accordingly. Early schemes are based on passwords. The first password authentication scheme to authenticate a remote
user over an insecure channel was proposed by
Lamport. Introducing public key cryptography into
cryptography, Diffie and Hellman proposed the first
ISSN: 2231-5381
key agreement scheme. Many authentication and key
agreement schemes based on traditional public key
cryptography were constructed. Since Diffie and
Hellman’s scheme lacks authentication and it is vulnerable to Man-in-the middle attack, then authentication with key agreement is necessary and attractive in practical implementation. Despite the vulnerability and laciness’ of authentication, Diffie and
Hellman’s key agreement scheme is the foundation
for other schemes and most of key agreement
schemes use Diffie and Hellman’s technique. Since
the introduction of identity based cryptography by
Shamir, many identity-base cryptosystems were presented in application. It is not until Boneh and
Franklin defined an advanced identity-base encryption scheme with bilinear pairings on elliptic curves
that identity-base cryptography develops rapidly.
Various identity-based authentication and key
agreement schemes are constructed and made into
application. Some authentication schemes addressed
in literature do not provide mutual authentication
and key exchange between the client and the server,
which is required in mobile client-server environment.
2. Related Work
Mobile devices have low procedure power and fewer
memory resources. principle associated Yangtze [8]
projected an ID-based remote mutual authentication
with key agreement protocol for mobile devices on
elliptic curve cryptosystem. principle associated
Chang’ theme is liable to an impersonation attack
and doesn't offer excellent forward secrecy. Yoon
and Yoo [9] conferred a strong mutual authentication with key agreement protocol. However, Yoon
and Yoo’s theme al- thus fails to realize forward
secrecy. Later, many mutual authentications with
key agreement schemes were projected [10-19].
throughout these schemes, some schemes [11-15]
area unit liable to some specific attacks. additive
pairings on elliptic curves, that area unit time- intense, area unit employed in the development of
schemes [10, 15]. Some schemes hash identities to
elliptic curve group- s, that is a smaller amount se-
http://www.ijettjournal.org
Page 109
International Journal of Engineering Trends and Technology (IJETT) – Volume 29 Number 3 - November 2015
cure. Schemes with smart properties is found in [1619]. In those schemes, secure and economical
schemes have several smart properties against several attacks. As specified in literature, key agreement
schemes supported elliptic curve cryptosystems fitted to mobile environments were projected. the primary one is associate identity-based remote mutual
authentication with key agreement theme. And associate other is an economical 3- party genuine key
agreement theme for establishing a session key between any two users with the assistance of a trustworthy server.
3. Proposed Work
The proposed system contains mainly two concepts
for the authentication, key agreement and security of
transferring data. By implementing those concept,
we can perform mutual authentication of users and
key agreement in both users. After completion of
key agreement, the sender will encrypt the transferred message using key xor data transpose technique. After encrypting the sender will send the cipher message to receiver. The receiver will receive
the cipher message and decrypt the cipher message
we get the plain text message. The process of mutual
authentication and key agreement as follows.
4. IMPLEMENTATION
This system consists of the following modules. They
are discussed here
Sender: This module will send the encrypted content as well as sender’s key and will send it to the
receiver.
Receiver: This module will collect the encrypted
content as well as receiver’s key and finally decrypt
the content successfully.
Key Generation: This module will be the core
module that will implement the key agreement protocol and will be responsible for key generation and
key agreement.
Results: This module will be responsible in evaluating the generated keys and security against the keygeneration scheme with those generated keys.
4.1 Algorithm
2.
The sender will generate private key randomly.
Calculate public key using this formula pub=g
private
% P.
ISSN: 2231-5381
4.
5.
After calculating public key the sender randomly choose SR and SV values.
Calculate Sa value by performing following
steps.
i. C=(message.hashCode)%200000;
ii. C=C%200000;
iii. C3=C-(privatekey*SR);
iv. Sk=Gcd(C3)
v. Int k1=Inverse(sk, p-1);
vi. V=c3*k1;
vii.
Sa=V%P;
Calculate SA by performing following steps.
SA = for(int i=1;i<=Sa;i++)
temp=(temp*SR)%P;
6.
7.
8.
Send public key,SR and SA to Receiver.
The receiver also perform the step 1 to 5.
After that we can calculate RB value using
following steps.
RB = for(int i=1;i<=VB;i++)
temp=(temp*SR)%P;
9. The Receiver will send RB value to Sender.
10. The sender will receive the RB value and calculate SA1 and acknowledgment.
11. After calculating the sender will send to receiver .
12. The receiver will retrieve the both values and
perform the authentication status.
13. After that the sender will generate key by using following equation.
Key = for (int i=1; i<=RV; i++)
temp=(temp*RB) % P;
14. The receiver will generate key by using following equation.
Key = for (int i=1; i<=CA1; i++)
temp=(temp*RB) % P;
After generating shared key, the sender will perform the encryption process as follows.
Key xor data transpose technique:
1.
2.
Random prime order key agreement protocol:
1.
3.
3.
4.
5.
The transferring message can be converted into 32 X 32 matrix format.
After generating matrix format we transpose
into rows and columns.
After transpose matrix that data can be converted into Ascii values.
The transpose data and key can be xor again
convert into binary format.
After converting binary format that binary data shifted by using right shift operation.
http://www.ijettjournal.org
Page 110
International Journal of Engineering Trends and Technology (IJETT) – Volume 29 Number 3 - November 2015
6.
7.
8.
After shifting that binary data can be converted into ascii format and that data can be
sent to receiver.
The receiver will retrieve that cipher data and
perform the reverse process.
After completion of reverse process, we can
get original message.
5. COMPARATIVE STUDY
This application demonstrates the advantage of identity based authentication scheme for mobile
client/server systems with an enhanced key agreement process. Using this approach, the application
offers the following advantages
1. Two-way Key Generation Policy
Using the specified algorithm scheme, the key generation problem is resolved by proposed key issuing
protocol, which is constructed with the help of secure two-party computation (2PC).
2. Advanced Key Generation Scheme
As the specified scheme focuses more on improvised
identity based key generation and key agreement
scheme.
3. Efficient Encryption Scheme
The proposed key agreement scheme modifies data
privacy as well as confidentiality in the mobile
client/server system against any inside system managers as well as outsider adversaries without corresponding credentials.
4. Best Security and Performance
The security and performance analysis carried out at
the end indicate that the proposed scheme is more
efficient to securely organize the data in mobile
client/server systems.
CONCLUSION
This paper proposes random prime order key protocol and key xor data transpose technique for mobile
client server environment. Compared with known
our scheme is more efficient and good properties
against for various types of attacks. This paper also
provides more security of transferring data. So that
by implementing those techniques we can improve
efficiency given project and also provide more security for transferring data.
REFERENCES
[1] D. He. “An efficient remote-user authentication and keyagreement protocol for mobile client/server environment from
ISSN: 2231-5381
pairings”. Ad-Hoc Networks 10, 1009-1016, 2012.
[2] Hafizul Islam SK, Biswas G.P. “An improved ID-based client
authentication with key-agreement scheme on ECC for mobile
client-server environments”. Theoretical and Applied Informatics.
Vol.24 no. 4 pp. 293-312, 2012.
[3] Wang D, Ma C. “Crypt-analysis of a remote user authentication scheme for mobile client/server environment based on ECC”.
Information Fusion 14, 498- 503, 2013.
[4] Chou C., Tsai K., Lu C. “Two ID-based authenticated
schemes with key-agreement for mobile environments”. J Super.
Comput. 66:973-988, 2013.
[5] Sun H., Wen Q., Zhang H. and Jin. Z. “A novel remote user
authentication and key-agreement scheme for mobile client/server
environment”. Appl. Math. Inf. Sci. 7, No. 4, 1365-1374, 2012.
[6] Miller V.S. “Use of elliptic curves in cryptography”. In. Proc.
of adv. in cryptology CRYPTO, 1986. Vol. 85, pp 417-426.
[7] Shamir. A. “Identity-based crypto-systems and signature protocols”, in: Proceedings of the Advances in Cryptology [Crypto],
Santa Barbara, USA, pp. 47-53, (1984).
[8] Boneh D., Franklin M. “Identity-based encryption from the
Weil pairing”, SIAM J. Comput. 32(3) 586- 615, 2003.
[9] Das M.L., A. Saxena, Gulati V.P., D.B. Phatak. “A novel
remote user authentication scheme using bilinear pairings”,
Comp.. Security 25 (3) 184-189, 2006.
[10] Y.M. Tseng, T.Y. Wu, J.D. Wu. “A pairing-based user
auth’ion scheme for wireless clients with smart cards”, Informatica - 19 (2) 285-302, (2008).
[11] Goriparthi T., M.L. Das, A. Saxena. “An improved bi-linear
pairing based remote user authentication scheme”, Comput. Standard Interf. 31 (1) 181-185, 2009.
[12] J. Yang, C. Chang. “An ID-based remote mutual authentication with key agreement protocol for mobile devices on elliptic
curve cryptosystem”, Computers and Security 28 138-143, 2009.
[13] E. Yoon, K. Yoo. “Robust ID-based remote mutual authentication with key agreement protocol for mobile devices on ECC”,
in: 2009 International Conference on Computational Science and
Engineering, Vancouver, Canada, pp. 633-640, (2009).
[14] T. Wu, Y. Tseng. “An efficient client authentication and key
agreement protocol for mobile client-server environment”, Computer Networks. 54, 1520-1530, 2010.
[15] T. H. Chen, Y. C. Chen, and W. K. Shih. “An advanced idbased remote mutual authentication scheme for mobile devices”,
2010 Symposia and Workshops on Ubiquitous, Autonomic and
Trusted Computing, pp. 116- 120, 2010.
[16] D. He, J. Chen, J. Hu. “An ID-based client authentication
with key agreement protocol for mobile client/server environment
on ECC with provable security”. Information Fusion 13 223-230,
2012.
[17] SK Hafizul Islam, G.P. Biswas. “A more efficient and secure
ID-based remote mutual authentication with key agreement
scheme for mobile devices on elliptic curve cryptosystem”. The
Journal of Systems and Software 84, 1892-1898, 2011.
[18] N. Koblitz. “Elliptic-curve cryptosystem”. Math Comput.
48:203-209, 1987.
BIOGRAPHIES:
Chaitanya Nadikatla is student in
M.Tech(CSE) in Sarada Institute of
Science Technology and Management,Srikakulam.He has received
his M.C.A from Chaitanya P.G
College, Hanamkonda,Warangal.
His interesting areas are Data Min-
http://www.ijettjournal.org
Page 111
International Journal of Engineering Trends and Technology (IJETT) – Volume 29 Number 3 - November 2015
ing, Networking.
Ramesh kumar behara is working
as Asst.professor in Sarada Institute of Science, Technology And
Management, Srikakulam , AndhraPradesh. He received his
M.Tech (CSE) from Sarada Institute of Science, Technology And
Management, Srikakulam, Andhra Pradesh. JNTU
Kakinada Andhra Pradesh. His research areas include Network Security.
ISSN: 2231-5381
http://www.ijettjournal.org
Page 112