Pseudonym Creation and Parameter Based Key Generation for a Robust Authentication using ECC

Abstract

Security is an important aspect in every field today and it cannot be neglected whatsoever. Network security has become one of the most important concerns of this generation due to its wide range of applications. With the emerging techniques in elliptic curve cryptography (ECC), it has now become the mainframe of many cryptosystems. Due to the generation of small key sizes in ECC, it poses as a favourable cryptosystem that can be used to minimize memory consumption. The previous schemes that were developed were unable to achieve user anonymity and were also vulnerable to stolen-verifier attacks, offline password guessing and insider attacks. The proposed scheme aims at improving the security provided to a user during authentication phase involved in any transaction. A step-by-step process is outlined in order to enhance security. It intends to provide a system involving Elliptic curve cryptography along with One Time Passwords to implement a new authentication scheme that overcomes certain threats to network security. The main features of this scheme includes generation of a common key with scalar multiplication, provision of user anonymity in order to prevent man-in-the-middle attacks using the Elliptic curve base point and a random number in order to prevent session hijacking attack or replay attack. This authentication paradigm finds its applications in ATM systems, RFID tags, smart card applications, mobile applications with SIM cards and so on. The proposed scheme works favourably with devices that have less resources (like memory).