User authentication scheme preserving anonymity for ubiquitous devices

摘要

With the evolution of information technologies, mobile devices (e.g., cell phone, personal digital assistant, and notebook PC) have swamped all domains of the active life. At anytime and anywhere, they are in research of service to satisfy their immediate needs. The services are remotely provided and implemented in sites that verify the legitimacy of the user over an insecure communication channel. The mechanism that authenticates remote user and allows legitimate users to access network services over insecure communication network is known by remote user authentication. Smart card‐based authentication is one of the most widely used and practical solutions to remote user authentication. In this paper, we propose a smart card‐based authentication scheme that aims to provide more functionality to resist well‐known attacks. It provides both user anonymity and mutual authentication in simple and efficient mechanism that can be applicable to limited resources. This mechanism can be suitable to ubiquitous computing environments in which a variety of wireless mobile devices with limited power and computation capacity are deployed. Copyright ? 2015 John Wiley & Sons, Ltd. Pervasive computing environment includes a variety of network protocols and is expected to support many service models. To allow only legitimate users, securisation of interaction between mobile users and service providers must be performed. But, over an insecure communication channel, it is difficult to definitely decide which infrastructure and which mechanism of authentication are suitable for pervasive network. Based on a stochastic process with Markov property, the proposed scheme aims to provide both user anonymity and mutual authentication, and to achieve user privacy with security and functionality requirements satisfaction.