A key agreement scheme for identity authentication based on multiple security factors

Ying Wang¹, Xinguang Peng¹, Jing Bian^1,2

COMPUTER MODELLING & NEW TECHNOLOGIES 2014 18(12B) 184-192

¹College of Computer Science and Technology, Taiyuan University of Technology, Shanxi, Taiyuan China,030024

²The Center of Information and Network, Shanxi Medical College of Continuing Education, Shanxi, Taiyuan China, 030012

By the study of Li-Hwang's three-factor authenticated key agreement protocol, we find there exists multiple attack in it. Therefore, this paper proposes a remote user authentication protocol based on ECC to improve the protocol. The new protocol only needs one point multiplication of elliptic curve cryptography in login and authentication protocol, so its computation efficiency is high. The protocol can resist all the attack mentioned in this paper, smart cards loss attack included. It is also suited to three-factor authentication protocol including password, mobile devices and biometrics. The comparisons with related schemes in computation price and efficiency show that though it costs a little more computation consumption than relative protocols, it has better performance in robustness.