Efficient and Secure Time-Key Based Single Sign-On Authentication for Mobile Devices

Vanga Odelu; Ashok Kumar Das; Kim Kwang Raymond Choo; Neeraj Kumar; Youngho Park

doi:10.1109/ACCESS.2017.2777840

Efficient and Secure Time-Key Based Single Sign-On Authentication for Mobile Devices

Vanga Odelu
, Ashok Kumar Das
, Kim Kwang Raymond Choo
, Neeraj Kumar
, Youngho Park

School of Electronics Engineering

Indian Institute of Information Technology, Sri City
International Institute of Information Technology Hyderabad
University of Texas at San Antonio
Thapar Institute of Engineering & Technology

Research output: Contribution to journal › Article › peer-review

20 Scopus citations

Abstract

In recent years, mobile devices are becoming an integrated part of our society, and this reinforces the need for security and privacy without incurring additional communication and computation costs. In this paper, we propose a new efficient privacy preserving time-key-based single sign-on (TK-SSO) authenticated key management protocol for mobile devices using elliptic curve cryptography. This allows us to achieve the desirable security properties along with significantly reduced computation and communication costs. TK-SSO also supports the revocation of mobile users and servers. We prove the security of TK-SSO in a widely accepted adversary real-or-random model, as well as using Burrows-Abadi-Needham (BAN) logic and the Automated Validation of Internet Security Protocols and Applications (AVISPA) simulation tool to demonstrate that TK-SSO can resist various known attacks. We then evaluate the performance of TK-SSO and three related protocols to demonstrate its utility.

Original language	English
Article number	8119945
Pages (from-to)	27707-27721
Number of pages	15
Journal	IEEE Access
Volume	5
DOIs	https://doi.org/10.1109/ACCESS.2017.2777840
State	Published - 24 Nov 2017

Keywords

AVISPA simulation
BAN logic
credential privacy
Key distribution
session-key security
temporal key

Access to Document

10.1109/ACCESS.2017.2777840

Cite this

@article{35125c4e28304e2c82339aa04465a4b8,

title = "Efficient and Secure Time-Key Based Single Sign-On Authentication for Mobile Devices",

abstract = "In recent years, mobile devices are becoming an integrated part of our society, and this reinforces the need for security and privacy without incurring additional communication and computation costs. In this paper, we propose a new efficient privacy preserving time-key-based single sign-on (TK-SSO) authenticated key management protocol for mobile devices using elliptic curve cryptography. This allows us to achieve the desirable security properties along with significantly reduced computation and communication costs. TK-SSO also supports the revocation of mobile users and servers. We prove the security of TK-SSO in a widely accepted adversary real-or-random model, as well as using Burrows-Abadi-Needham (BAN) logic and the Automated Validation of Internet Security Protocols and Applications (AVISPA) simulation tool to demonstrate that TK-SSO can resist various known attacks. We then evaluate the performance of TK-SSO and three related protocols to demonstrate its utility.",

keywords = "AVISPA simulation, BAN logic, credential privacy, Key distribution, session-key security, temporal key",

author = "Vanga Odelu and Das, \{Ashok Kumar\} and Choo, \{Kim Kwang Raymond\} and Neeraj Kumar and Youngho Park",

note = "Publisher Copyright: {\textcopyright} 2013 IEEE.",

year = "2017",

month = nov,

day = "24",

doi = "10.1109/ACCESS.2017.2777840",

language = "English",

volume = "5",

pages = "27707--27721",

journal = "IEEE Access",

issn = "2169-3536",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

}

TY - JOUR

T1 - Efficient and Secure Time-Key Based Single Sign-On Authentication for Mobile Devices

AU - Odelu, Vanga

AU - Das, Ashok Kumar

AU - Choo, Kim Kwang Raymond

AU - Kumar, Neeraj

AU - Park, Youngho

PY - 2017/11/24

Y1 - 2017/11/24

N2 - In recent years, mobile devices are becoming an integrated part of our society, and this reinforces the need for security and privacy without incurring additional communication and computation costs. In this paper, we propose a new efficient privacy preserving time-key-based single sign-on (TK-SSO) authenticated key management protocol for mobile devices using elliptic curve cryptography. This allows us to achieve the desirable security properties along with significantly reduced computation and communication costs. TK-SSO also supports the revocation of mobile users and servers. We prove the security of TK-SSO in a widely accepted adversary real-or-random model, as well as using Burrows-Abadi-Needham (BAN) logic and the Automated Validation of Internet Security Protocols and Applications (AVISPA) simulation tool to demonstrate that TK-SSO can resist various known attacks. We then evaluate the performance of TK-SSO and three related protocols to demonstrate its utility.

AB - In recent years, mobile devices are becoming an integrated part of our society, and this reinforces the need for security and privacy without incurring additional communication and computation costs. In this paper, we propose a new efficient privacy preserving time-key-based single sign-on (TK-SSO) authenticated key management protocol for mobile devices using elliptic curve cryptography. This allows us to achieve the desirable security properties along with significantly reduced computation and communication costs. TK-SSO also supports the revocation of mobile users and servers. We prove the security of TK-SSO in a widely accepted adversary real-or-random model, as well as using Burrows-Abadi-Needham (BAN) logic and the Automated Validation of Internet Security Protocols and Applications (AVISPA) simulation tool to demonstrate that TK-SSO can resist various known attacks. We then evaluate the performance of TK-SSO and three related protocols to demonstrate its utility.

KW - AVISPA simulation

KW - BAN logic

KW - credential privacy

KW - Key distribution

KW - session-key security

KW - temporal key

UR - https://www.scopus.com/pages/publications/85035807604

U2 - 10.1109/ACCESS.2017.2777840

DO - 10.1109/ACCESS.2017.2777840

M3 - Article

AN - SCOPUS:85035807604

SN - 2169-3536

VL - 5

SP - 27707

EP - 27721

JO - IEEE Access

JF - IEEE Access

M1 - 8119945

ER -

Efficient and Secure Time-Key Based Single Sign-On Authentication for Mobile Devices

Abstract

Keywords

Access to Document

Other files and links

Fingerprint

Cite this