
Showing papers on "Otway–Rees protocol published in 2017"


Journal ArticleDOI
TL;DR: This work presents a lightweight and secure user authentication protocol based on the Rabin cryptosystem, which has the characteristic of computational asymmetry and presents a comprehensive heuristic security analysis to show that the protocol is secure against all the possible attacks and provides the desired security features.
Abstract: Wireless sensor networks (WSNs) will be integrated into the future Internet as one of the components of the Internet of Things, and will become globally addressable by any entity connected to the Internet. Despite the great potential of this integration, it also brings new threats, such as the exposure of sensor nodes to attacks originating from the Internet. In this context, lightweight authentication and key agreement protocols must be in place to enable end-to-end secure communication. Recently, Amin et al. proposed a three-factor mutual authentication protocol for WSNs. However, we identified several flaws in their protocol. We found that their protocol suffers from smart card loss attack where the user identity and password can be guessed using offline brute force techniques. Moreover, the protocol suffers from known session-specific temporary information attack, which leads to the disclosure of session keys in other sessions. Furthermore, the protocol is vulnerable to tracking attack and fails to fulfill user untraceability. To address these deficiencies, we present a lightweight and secure user authentication protocol based on the Rabin cryptosystem, which has the characteristic of computational asymmetry. We conduct a formal verification of our proposed protocol using ProVerif in order to demonstrate that our scheme fulfills the required security properties. We also present a comprehensive heuristic security analysis to show that our protocol is secure against all the possible attacks and provides the desired security features. The results we obtained show that our new protocol is a secure and lightweight solution for authentication and key agreement for Internet-integrated WSNs.
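The property the abstract leans on, the "computational asymmetry" of the Rabin cryptosystem, is that encryption is one squaring modulo n (cheap enough for a sensor node or a smart card), while decryption needs the factorisation of n and is left to the server. The block below is an added illustration of that asymmetry, not the paper's protocol or code: the hash-tag redundancy used to pick the right one of the four square roots, the 0x01 marker byte, the key sizes and the seeded generator are all this example's own choices.

```python
"""Rabin encryption/decryption in pure Python: the sender does ONE modular
squaring, the holder of (p, q) does two exponentiations plus a CRT step.
Added illustration; the padding/tag scheme is an assumption of this demo."""
import hashlib
import random

TAG_LEN = 8                    # bytes of redundancy that identify the genuine root
rng = random.Random(2017)      # seeded for reproducibility; use `secrets` in real code


def is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Miller-Rabin with `rounds` random bases."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def random_prime_3mod4(bits: int) -> int:
    """Blum prime (p ≡ 3 mod 4): square roots mod p are then a single exponentiation."""
    while True:
        p = rng.getrandbits(bits) | (1 << (bits - 1)) | 3
        if is_probable_prime(p):
            return p


def keygen(bits: int = 1024):
    """Returns (n, p, q): public modulus n, private factors p and q."""
    p = random_prime_3mod4(bits // 2)
    q = random_prime_3mod4(bits // 2)
    while q == p:
        q = random_prime_3mod4(bits // 2)
    return p * q, p, q


def encrypt(n: int, message: bytes) -> int:
    """Device side: marker || message || tag, then one squaring mod n."""
    padded = b"\x01" + message + hashlib.sha256(message).digest()[:TAG_LEN]
    m = int.from_bytes(padded, "big")
    if m >= n:
        raise ValueError("message too long for this modulus")
    return pow(m, 2, n)            # cost of roughly one modular multiplication


def decrypt(p: int, q: int, c: int) -> bytes:
    """Server side: needs p and q, i.e. the factorisation of n."""
    n = p * q
    rp = pow(c, (p + 1) // 4, p)   # square root of c mod p (valid because p ≡ 3 mod 4)
    rq = pow(c, (q + 1) // 4, q)   # square root of c mod q
    yp, yq = pow(p, -1, q), pow(q, -1, p)       # CRT coefficients
    size = (n.bit_length() + 7) // 8
    for sp in (rp, p - rp):
        for sq in (rq, q - rq):
            root = (sp * q * yq + sq * p * yp) % n   # one of the four square roots of c
            padded = root.to_bytes(size, "big").lstrip(b"\x00")
            if len(padded) <= TAG_LEN + 1 or padded[0] != 0x01:
                continue
            body, tag = padded[1:-TAG_LEN], padded[-TAG_LEN:]
            if hashlib.sha256(body).digest()[:TAG_LEN] == tag:
                return body        # only the genuine root carries a valid tag
    raise ValueError("no root carries a valid tag: ciphertext corrupted or forged")


if __name__ == "__main__":
    n, p, q = keygen(1024)
    msg = b"\x00device-id|nonce"   # leading zero byte survives thanks to the 0x01 marker
    assert decrypt(p, q, encrypt(n, msg)) == msg
    print("round trip ok; modulus bits:", n.bit_length())
```

The tag check is what makes the scheme usable in practice: without redundancy the receiver has no way to tell which of the four roots was the sender's message, and a tampered ciphertext is detected because none of the four roots carries a matching tag.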

259 citations


Journal ArticleDOI
TL;DR: Comprehensive security analysis is conducted to show that the proposed protocol fixes these flaws of Amin et al.

125 citations


Proceedings ArticleDOI
26 Apr 2017
TL;DR: This work uses ProVerif and CryptoVerif to find new and previously-known weaknesses in the protocol and suggest practical countermeasures, and demonstrates that, with disciplined programming and some verification expertise, the systematic analysis of complex cryptographic web applications is now becoming practical.
Abstract: Many popular web applications incorporate end-to-end secure messaging protocols, which seek to ensure that messages sent between users are kept confidential and authenticated, even if the web application's servers are broken into or otherwise compelled into releasing all their data. Protocols that promise such strong security guarantees should be held up to rigorous analysis, since protocol flaws and implementations bugs can easily lead to real-world attacks. We propose a novel methodology that allows protocol designers, implementers, and security analysts to collaboratively verify a protocol using automated tools. The protocol is implemented in ProScript, a new domain-specific language that is designed for writing cryptographic protocol code that can both be executed within JavaScript programs and automatically translated to a readable model in the applied pi calculus. This model can then be analyzed symbolically using ProVerif to find attacks in a variety of threat models. The model can also be used as the basis of a computational proof using CryptoVerif, which reduces the security of the protocol to standard cryptographic assumptions. If ProVerif finds an attack, or if the CryptoVerif proof reveals a weakness, the protocol designer modifies the ProScript protocol code and regenerates the model to enable a new analysis. We demonstrate our methodology by implementing and analyzing a variant of the popular Signal Protocol with only minor differences. We use ProVerif and CryptoVerif to find new and previously-known weaknesses in the protocol and suggest practical countermeasures. Our ProScript protocol code is incorporated within the current release of Cryptocat, a desktop secure messenger application written in JavaScript. Our results indicate that, with disciplined programming and some verification expertise, the systematic analysis of complex cryptographic web applications is now becoming practical.

121 citations


Proceedings ArticleDOI
19 Mar 2017
TL;DR: Key security issues of the procedure used in LoRaWAN to allow an end device to establish a connection with the network server are examined, finding vulnerabilities in this protocol, in particular with reference to the use of a random number in the join procedure packet meant to prevent replay attacks.
Abstract: Currently one of the most established protocols for machine to machine (M2M) communications is LoRaWAN, designed to provide low power wide area network with features specifically needed to support low-cost, mobile, secure bidirectional communication for the Internet of Things (IoT). In this context security is of pivotal importance, as IoT constitutes a pervasive network of devices highly integrated with our daily life. In this paper we examine key security issues of the procedure used in LoRaWAN to allow an end device to establish a connection with the network server. We have identified vulnerabilities in this protocol, in particular with reference to the use of a random number in the join procedure packet, meant to prevent replay attacks. We first discuss the options that a network server has when detecting a replay attack and then we examine a) the possibility that a legitimate receiver is considered an attacker because of the random number generation issues and b) the possibility for an attacker to exploit this protocol to generate a denial of service (DoS). A wide set of experiments has been conducted using a widely used LoRaWAN chip showing the vulnerabilities of the protocol.
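The join procedure under discussion is the LoRaWAN 1.0 join-request (MHDR, AppEUI, DevEUI, a 16-bit DevNonce and a MIC computed under the AppKey), where the DevNonce is the server's only handle for spotting a replayed join. The block below is an added model of the network server's side of that check, written for this page and not taken from the paper; it assumes HMAC-SHA256 truncated to four bytes in place of AES-128 CMAC (standard library only), constructed keys and EUIs, and a server that remembers a configurable number of past DevNonces. It plays out the two cases the abstract names: a legitimate device whose nonce generation repeats after a reboot being treated as a replay, and a recorded join-request replayed after the server has forgotten its nonce, which makes the server re-key and drops the device's live session.

```python
"""LoRaWAN 1.0 join-request handling with DevNonce replay tracking.
Added illustration: MIC stand-in, keys, EUIs and the window policy are assumptions."""
import hashlib
import hmac
import random
import struct

MHDR_JOIN_REQUEST = 0x00
APP_KEY = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c")   # constructed demo key
APP_EUI = bytes.fromhex("0102030405060708")                   # constructed
DEV_EUI = bytes.fromhex("1112131415161718")                   # constructed


def mic(key: bytes, data: bytes) -> bytes:
    """Stand-in for aes128_cmac(AppKey, data)[0:4] used by the real protocol."""
    return hmac.new(key, data, hashlib.sha256).digest()[:4]


def build_join_request(key: bytes, app_eui: bytes, dev_eui: bytes, dev_nonce: int) -> bytes:
    """MHDR | AppEUI | DevEUI | DevNonce | MIC, multi-byte fields little-endian as on the air."""
    body = bytes([MHDR_JOIN_REQUEST]) + app_eui[::-1] + dev_eui[::-1] + struct.pack("<H", dev_nonce)
    return body + mic(key, body)


def parse_join_request(frame: bytes):
    if len(frame) != 23 or frame[0] != MHDR_JOIN_REQUEST:
        raise ValueError("not a join-request")
    app_eui, dev_eui = frame[1:9][::-1], frame[9:17][::-1]
    (dev_nonce,) = struct.unpack("<H", frame[17:19])
    return app_eui, dev_eui, dev_nonce, frame[19:]


class EndDevice:
    """Models firmware whose PRNG is reseeded from a constant at boot, so the
    DevNonce sequence repeats after every power cycle (assumed weak generator)."""
    def __init__(self, key, app_eui, dev_eui, seed):
        self.key, self.app_eui, self.dev_eui, self.seed = key, app_eui, dev_eui, seed
        self.power_cycle()

    def power_cycle(self):
        self.rng = random.Random(self.seed)

    def join_request(self) -> bytes:
        return build_join_request(self.key, self.app_eui, self.dev_eui, self.rng.getrandbits(16))


class NetworkServer:
    def __init__(self, key: bytes, window=None):
        self.key = key
        self.window = window      # how many past DevNonces are remembered per device; None = all
        self.history = {}         # DevEUI -> DevNonces seen, oldest first
        self.session = {}         # DevEUI -> number of accepted joins (each one re-keys the device)

    def handle_join(self, frame: bytes) -> str:
        app_eui, dev_eui, nonce, got = parse_join_request(frame)
        if not hmac.compare_digest(got, mic(self.key, frame[:19])):
            return "rejected: bad MIC"
        seen = self.history.setdefault(dev_eui, [])
        if nonce in seen:
            return "rejected: DevNonce replay"      # the only replay signal the server has
        seen.append(nonce)
        if self.window is not None and len(seen) > self.window:
            del seen[0]                             # forgetting old nonces is what a replay exploits
        self.session[dev_eui] = self.session.get(dev_eui, 0) + 1
        return "accepted"


def scenario_false_positive():
    """Legitimate device, poor nonce generation: after a reboot it repeats its own nonce."""
    ns, dev = NetworkServer(APP_KEY), EndDevice(APP_KEY, APP_EUI, DEV_EUI, seed=42)
    first = ns.handle_join(dev.join_request())
    dev.power_cycle()
    second = ns.handle_join(dev.join_request())
    return first, second


def scenario_replay(window=3):
    """Attacker records one join-request and replays it immediately and much later."""
    ns, dev = NetworkServer(APP_KEY, window=window), EndDevice(APP_KEY, APP_EUI, DEV_EUI, seed=7)
    captured = dev.join_request()
    ns.handle_join(captured)
    immediate = ns.handle_join(captured)            # nonce still remembered: detected
    for _ in range(window):
        ns.handle_join(dev.join_request())          # legitimate re-joins push the old nonce out
    before = ns.session[DEV_EUI]
    late = ns.handle_join(captured)                 # accepted: server re-keys, live session is dead
    return immediate, late, ns.session[DEV_EUI] - before


def scenario_forgery():
    """Changing the nonce without the AppKey breaks the MIC."""
    ns, dev = NetworkServer(APP_KEY), EndDevice(APP_KEY, APP_EUI, DEV_EUI, seed=1)
    frame = bytearray(dev.join_request())
    frame[17] ^= 0xFF
    return ns.handle_join(bytes(frame))
```

Run the three scenario functions to see the trade-off the abstract describes: remembering every DevNonce forever blocks the late replay but also locks out the rebooting device, while a bounded window lets the device back in and lets the old recording through.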

92 citations


Journal ArticleDOI
TL;DR: It is shown that Farash’s protocol is insecure against impersonation attack, password guessing attack, lacks user anonymity and is vulnerable to session-specific temporary information attack, and an upgraded protocol is proposed to enhance the security.
Abstract: Session initiation protocol (SIP) reformed the controlling routine of voice over Internet Protocol based communication over public channels. SIP is inherently insecure because of its underlying open text architecture. A number of solutions are proposed to boost SIP security. Very recently Farash (Peer to Peer Netw. Appl. 1–10, 2014) proposed an enhanced protocol to improve the security of Tu et al.’s protocol (Peer to Peer Netw. Appl. 1–8, 2014). Further, Farash claimed his protocol to be secure against all known attacks. However, in this paper we show that Farash’s protocol is insecure against impersonation attack, password guessing attack, lacks user anonymity and is vulnerable to session-specific temporary information attack. Further, we have proposed an upgraded protocol to enhance the security. The security and performance analysis shows that the proposed protocol reduces one point multiplication as compared with Farash’s protocol, while resisting all known attacks. We have proved the security of the proposed protocol using the automated tool ProVerif.

83 citations


Journal ArticleDOI
TL;DR: A lightweight authentication protocol for TMIS that ensures resilience against all possible security attacks; the performance of the protocol is relatively standard in comparison with related previous research.
Abstract: Telecare Medical Information System (TMIS) supports a standard platform for the patient to get necessary medical treatment from the doctor(s) via Internet communication. Security protection is important for the medical records (data) of the patients because they contain very sensitive information. Besides, patient anonymity is another most important property, which must be protected. Most recently, Chiou et al. suggested an authentication protocol for TMIS by utilizing the concept of the cloud environment. They claimed that their protocol is patient anonymous and well security protected. We reviewed their protocol and found that it does not provide patient anonymity at all. Further, the same protocol is not protected against the mobile device stolen attack. In order to improve the security level and complexity, we design a lightweight authentication protocol for the same environment. Our security analysis ensures resilience against all possible security attacks. The performance of our protocol is relatively standard in comparison with related previous research.

77 citations


Journal ArticleDOI
TL;DR: An improved single-round authentication protocol for WBAN is proposed to remove the flaws of previous work and the comparison results show that the protocol improves the security with equivalent cost.

72 citations


Journal ArticleDOI
TL;DR: A novel biometric-based mutually authenticated key agreement protocol for multi-server architecture based on elliptic curve cryptography is proposed and it is proved that the proposed protocol achieves the secure mutual authentication property using the broadly used Burrows–Abadi–Needham logic.
Abstract: Three-factor mutually authenticated key agreement protocols for multi-server environments have gained momentum in recent times due to advancements in wireless technologies and associated constraints. Several authors have put forward various authentication protocols for multi-server environments during the past decade. Wang et al. recently proposed a biometric-based authentication with key agreement protocol for multi-server environments and claimed that their protocol is efficient and resistant to prominent security attacks. The careful investigation of this paper shows that the users of Wang et al.’s protocol share personally identifiable information with the application servers during the registration and authentication process. This disclosure of credentials leads to severe threats, particularly insider attacks, user impersonation attacks, and server impersonation attacks. As a remedy for the aforementioned problems, this paper proposes a novel biometric-based mutually authenticated key agreement protocol for multi-server architecture based on elliptic curve cryptography. We prove that the proposed protocol achieves the secure mutual authentication property using the broadly used Burrows–Abadi–Needham logic. The formal security of the proposed protocol is verified using the widely accepted Automated Validation of Internet Security Protocols and Applications tool to show that our protocol can withstand active and passive attacks including the replay and man-in-the-middle attacks. The proposed protocol is robust and efficient compared with the existing related protocols.

71 citations


Proceedings ArticleDOI
30 Oct 2017
TL;DR: In this article, the authors introduce a new PSI protocol that is secure in the presence of malicious adversaries, which is based entirely on fast symmetric-key primitives and inherits important techniques from state-of-the-art protocols in the semi-honest setting.
Abstract: Private set intersection (PSI) allows two parties, who each hold a set of items, to compute the intersection of those sets without revealing anything about other items. Recent advances in PSI have significantly improved its performance for the case of semi-honest security, making semi-honest PSI a practical alternative to insecure methods for computing intersections. However, the semi-honest security model is not always a good fit for real-world problems. In this work we introduce a new PSI protocol that is secure in the presence of malicious adversaries. Our protocol is based entirely on fast symmetric-key primitives and inherits important techniques from state-of-the-art protocols in the semi-honest setting. Our novel technique to strengthen the protocol for malicious adversaries is inspired by the dual execution technique of Mohassel & Franklin (PKC 2006). Our protocol is optimized for the random-oracle model, but can also be realized (with a performance penalty) in the standard model. We demonstrate our protocol's practicality with a prototype implementation. To securely compute the intersection of two sets of size 2^20 requires only 13 seconds with our protocol, which is ~12x faster than the previous best malicious-secure protocol (Rindal & Rosulek, Eurocrypt 2017), and only 3x slower than the best semi-honest protocol (Kolesnikov et al., CCS 2016).

65 citations


Journal ArticleDOI
TL;DR: This work designs a symmetric key based authentication protocol for the WMSN environment that uses only computationally efficient operations to achieve the lightweight attribute, and demonstrates the proposed scheme's security against active attacks, namely the man-in-the-middle attack and the replay attack.
Abstract: Wireless medical sensor networks (WMSN) comprise distributed sensors, which can sense human physiological signs and monitor the health condition of the patient. It is observed that providing privacy to the patient's data is an important issue and can be challenging. The information passing is done via the public channel in WMSN. Thus, the patient's sensitive information can be obtained by eavesdropping or by unauthorized use of the handheld devices which the health professionals use in monitoring the patient. Therefore, there is an essential need to restrict unauthorized access to the patient's medical information. Hence, an efficient authentication scheme for healthcare applications is needed to preserve the privacy of the patients' vital signs. To ensure secure and authorized communication in WMSN, we design a symmetric key based authentication protocol for the WMSN environment. The proposed protocol uses only computationally efficient operations to achieve the lightweight attribute. We analyze the security of the proposed protocol. We use a formal security proof algorithm to show the scheme's security against known attacks. We also use the Automated Validation of Internet Security Protocols and Applications (AVISPA) simulator to show that the protocol is secure against the man-in-the-middle attack and the replay attack. Additionally, we adopt an informal analysis to discuss the key attributes of the proposed scheme. From the formal proof of security, we can see that an attacker has a negligible probability of breaking the protocol security. The AVISPA simulator also demonstrates the proposed scheme's security against active attacks, namely the man-in-the-middle attack and the replay attack. Additionally, through the comparison of computational efficiency and security attributes with several recent results, the proposed scheme seems to be better.

59 citations


Journal ArticleDOI
TL;DR: The proposed quantum identity authentication protocol can verify a user’s identity without exposing the authentication key information, using just a single photon, and is practicable with current technology.
Abstract: Quantum identity authentication with single photons is proposed in the paper. It can verify a user's identity without exposing the authentication key information. The protocol guarantees high efficiency in that it can verify two bits of authentication information using just a single photon. The security of our authentication scheme is analyzed and confirmed in the case of a general attack. Moreover, the proposed protocol is practicable with current technology. Our quantum identity authentication protocol does not require quantum memory registration or any entangled photon sources.

Journal ArticleDOI
TL;DR: This paper proposes a lightweight authentication and key agreement protocol that resists various security attacks and provides user anonymity and performance analysis confirms that the computation cost of the proposed protocol is acceptable.
Abstract: Nowadays with widespread employment of the Internet, servers provide various services for legal users. The vital issue in client/server connections is authentication protocols that make the communication channel safe and secure against famous attacks. Recently, Kumari et al. and Chaudhry et al. proposed two authentication and key agreement protocols and illustrated that their proposed protocols are secure against various security attacks. However, in this paper we demonstrate that both protocols are vulnerable to off-line password guessing attacks. Moreover, we show that Kumari et al.'s protocol does not provide the property of user anonymity. In order to overcome these weaknesses, we propose a lightweight authentication and key agreement protocol. The correctness of the proposed protocol is proved using BAN logic. Security analysis demonstrates that the proposed protocol resists various security attacks and provides user anonymity. Furthermore, performance analysis confirms that the computation cost of the proposed protocol is acceptable.

Journal ArticleDOI
TL;DR: A Universal Authentication and Key Agreement protocol for D2D communications (UAKA-D2D) to achieve secure communication session establishment, where user roaming and inter-operator operation are considered and results show the efficiency and practicality of the proposed protocol.
Abstract: Device-to-Device (D2D) communications have emerged as a promising technology for the next generation mobile communication networks and wireless systems (5G). As an underlay network of conventional cellular networks (LTE or LTE-Advanced), D2D communications have shown great potential in improving communication capability and fostering multifarious new applications and services. However, new application scenarios and system architecture expose the establishment of D2D communications to unique security threats. Therefore, it is necessary to take security requirements into the design of D2D communications in order to ensure security and correct operation of the network. In this paper, we propose a Universal Authentication and Key Agreement protocol for D2D communications (UAKA-D2D) to achieve secure communication session establishment, where user roaming and inter-operator operation are considered. Our protocol adopts the Diffie-Hellman Key Exchange algorithm (DHKE) to achieve privacy preserving session key generation and employs a message authentication code to achieve mutual authentication between D2D users. The security of the proposed protocol is analyzed theoretically and verified by a formal security verification tool. Finally, we evaluated the performance of the protocol in terms of computation and communication costs based on extensive analysis and simulations. The results show the efficiency and practicality of the proposed protocol.

PatentDOI
11 Jan 2017
TL;DR: HELP derives randomness from within-die path delay variations that occur along the paths within a hardware implementation of a cryptographic primitive, such as AES or SHA-3, to provide an efficient authentication protocol that provides both privacy and mutual authentication.
Abstract: An authentication protocol using a Hardware-Embedded Delay PUF ("HELP"), which derives randomness from within-die path delay variations that occur along the paths within a hardware implementation of a cryptographic primitive, for example, the Advanced Encryption Standard ("AES") algorithm or Secure Hash Algorithm 3 ("SHA-3"). The digitized timing values which represent the path delays are stored in a database on a secure server (verifier) as an alternative to storing PUF response bitstrings thereby enabling the development of an efficient authentication protocol that provides both privacy and mutual authentication.

Journal ArticleDOI
TL;DR: This work develops a privacy-preserving and accountable authentication protocol for IoT end-devices with weaker identity, which integrates an adapted construction of short group signatures and Shamir’s secret sharing scheme.

Journal ArticleDOI
TL;DR: The protocol of Lee et al. fails to protect against various important security vulnerabilities such as the forgery attack and the off‐line password‐guessing attack, so this article presents a robust authentication protocol for client‐server communication over any insecure network.
Abstract: Smart card-based client-server authentication protocols are very popular for secure data exchange over insecure and hostile networks. Recently, Lee et al. put forward an authentication protocol utilizing the ElGamal cryptosystem and proved that it can withstand known security threats. This article evinces that the protocol of Lee et al. fails to protect against various important security vulnerabilities such as the forgery attack and the off-line password-guessing attack. To vanquish these loopholes, this article presents a robust authentication protocol for client-server communication over any insecure network. The security explanation of our protocol has been done through formal and informal mechanisms and its outcome makes sure that the designed protocol is strong enough to resist the known vulnerabilities. In addition, we have simulated our protocol using the ProVerif online software and its results certify that the private information of the client and server is safe under our protocol. This paper has also made a performance estimation of the presented protocol and others, and the outcome favors the presented protocol.

Proceedings ArticleDOI
18 Jul 2017
TL;DR: This paper presents the first scalable attestation protocol that detects physical attacks, based on the assumption that physical attacks require an adversary to capture and disable devices for a noticeable amount of time, and reduces communication complexity and runtimes by orders of magnitude and precisely identifies compromised devices.
Abstract: Interconnected embedded devices are increasingly used in various scenarios, including industrial control, building automation, or emergency communication. As these systems commonly process sensitive information or perform safety critical tasks, they become appealing targets for cyber attacks. A promising technique to remotely verify the safe and secure operation of networked embedded devices is remote attestation. However, existing attestation protocols only protect against software attacks, or show limited scalability and robustness. In this paper, we present the first scalable attestation protocol that detects physical attacks. Based on the assumption that physical attacks require an adversary to capture and disable devices for a noticeable amount of time, our protocol identifies devices with compromised hardware and software. Compared to existing solutions, our protocol reduces communication complexity and runtimes by orders of magnitude, precisely identifies compromised devices, and is robust against failures or network disruptions. We show the security of our protocol and evaluate its scalability and robustness. Our results demonstrate that our protocol is highly efficient in well-connected networks and operates robustly in disruptive and very dynamic network topologies.

Journal ArticleDOI
TL;DR: This work constructs efficient authentication protocols and message authentication codes (MACs) whose security can be reduced to the learning parity with noise (LPN) problem.
Abstract: We construct efficient authentication protocols and message authentication codes (MACs) whose security can be reduced to the learning parity with noise (LPN) problem. Despite a large body of work—starting with the HB protocol of Hopper and Blum in 2001—until now it was not even known how to construct an efficient authentication protocol from LPN which is secure against man-in-the-middle attacks. A MAC implies such a (two-round) protocol.
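The HB protocol the abstract starts from is simple enough to run end to end: the prover holds a secret bit-vector s, the verifier sends random challenges a, and the prover answers the inner product <a, s> over GF(2) flipped with probability η; the verifier accepts if few answers disagree, and an eavesdropper who wants s faces an LPN instance. HB was only ever claimed secure against passive adversaries, and the block below (an added illustration for this page, not the paper's construction, and not the man-in-the-middle attacks it refers to) shows why: an adversary allowed to play the verifier picks unit-vector challenges and reads s out bit by bit, then impersonates the prover. The parameters are demo-sized assumptions.

```python
"""The HB identification protocol (Hopper and Blum) plus an active attack on it.
Added illustration; N_BITS, ETA, ROUNDS and THRESHOLD are demo choices."""
import random

N_BITS = 32          # secret length (demo-sized; real deployments use hundreds of bits)
ETA = 0.25           # Bernoulli noise rate of the prover
ROUNDS = 256         # challenge/response rounds per authentication
THRESHOLD = 0.375    # accept if the fraction of wrong answers is at most this (ETA < t < 1/2)
rng = random.Random(7)   # seeded for reproducibility


def dot(a: int, s: int) -> int:
    """Inner product of two bit-vectors over GF(2): parity of the bitwise AND."""
    return bin(a & s).count("1") & 1


class Prover:
    """Holds the secret s and answers <a,s> XOR noise."""
    def __init__(self, secret: int, noise: float = ETA):
        self.secret, self.noise = secret, noise

    def respond(self, a: int) -> int:
        return dot(a, self.secret) ^ (1 if rng.random() < self.noise else 0)


def verify(secret: int, respond) -> bool:
    """Verifier side: random challenges, accept if few responses disagree with <a,s>."""
    wrong = 0
    for _ in range(ROUNDS):
        a = rng.getrandbits(N_BITS)
        wrong += respond(a) != dot(a, secret)
    return wrong <= THRESHOLD * ROUNDS


def active_attack(respond, queries_per_bit: int = 101) -> int:
    """Adversary playing the verifier: challenge with unit vectors e_i, so each answer
    is s_i XOR noise; a majority vote over repeated queries strips the noise."""
    recovered = 0
    for i in range(N_BITS):
        ones = sum(respond(1 << i) for _ in range(queries_per_bit))
        if ones * 2 > queries_per_bit:
            recovered |= 1 << i
    return recovered


def demo():
    """Returns (honest prover accepted, guesser accepted, secret recovered, clone accepted)."""
    secret = rng.getrandbits(N_BITS)
    tag = Prover(secret)
    honest = verify(secret, tag.respond)                        # noisy but correct: accepted
    guesser = verify(secret, lambda a: rng.getrandbits(1))      # ~50% wrong: rejected
    stolen = active_attack(tag.respond)
    clone = verify(secret, Prover(stolen, noise=0.0).respond)   # impersonation with the recovered key
    return honest, guesser, stolen == secret, clone


if __name__ == "__main__":
    print(demo())
```

The passive eavesdropper only ever sees random a with noisy <a, s>, which is exactly the LPN distribution; the active adversary gets to choose a, and the plain HB protocol does nothing to stop that. Later variants add prover-chosen blinding values to block this attack, and the man-in-the-middle setting the abstract targets is harder still.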

Journal ArticleDOI
TL;DR: An improved 3PAKE protocol without symmetric key en/decryption technique for mobile-commerce environments based on the elliptic curve cryptography and one-way cryptographic hash function and designed with lower computation cost than other relevant protocols is devised.

Journal ArticleDOI
TL;DR: This article proposes a two-factor (password and smart-card) user authentication protocol with the RSA cryptosystem for multiserver environments and offers security resilience against known attacks and provides lower computation complexities than existing protocols.
Abstract: The concept of the two-factor multiserver authentication protocol was developed to avoid multiple registrations using multiple smart-cards and passwords. Recently, a variety of two-factor multiserver authentication protocols have been developed. It is observed that the existing RSA-based multiserver authentication protocols are not suitable in terms of computation complexities and security attacks. To provide lower complexities and security resilience against known attacks, this article proposes a two-factor (password and smart-card) user authentication protocol with the RSA cryptosystem for multiserver environments. The comprehensive security discussion proves that the known security attacks are eliminated in our protocol. Besides, our protocol supports session key agreement and mutual authentication between the application server and the user. We analyze the proof of correctness of the mutual authentication and freshness of the session key using the BAN logic model. The experimental outcomes obtained through simulation with the Automated Validation of Internet Security Protocols and Applications (AVISPA) software show that our protocol is secure. We consider the computation, communication, and storage costs, and the comparative explanations show that our protocol is flexible and efficient compared with existing protocols. In addition, our protocol offers security resilience against known attacks and provides lower computation complexities than existing protocols. Additionally, the protocol offers a password change facility to the authorized user.

Journal ArticleDOI
TL;DR: It is shown that an active attacker can easily masquerade as a legal server to fool users and improve Zhang et al. protocol by imposing a little extra computation cost.
Abstract: Authentication schemes have been widely deployed for access control and mobility management in various communication networks. Especially, the schemes that are based on multifactor authentication such as password and smart card come to be more practical. One of the standard authentication schemes that has been widely used for secure communication over the Internet is the session initiation protocol (SIP). The original authentication scheme proposed for SIP was vulnerable to some crucial security weaknesses. To overcome the security problems, various improved authentication schemes have been developed, especially based on elliptic curve cryptography (ECC). Very recently, Zhang et al. proposed an improved authentication scheme for SIP based on ECC using smart cards to overcome the security flaws of the related protocols. Zhang et al. claimed that their protocol is secure against all known security attacks. However, this paper indicates that Zhang et al.'s protocol is still insecure against the impersonation attack. We show that an active attacker can easily masquerade as a legal server to fool users. As a remedy, we also improve Zhang et al.'s protocol by imposing a little extra computation cost. Copyright © 2014 John Wiley & Sons, Ltd.

Journal ArticleDOI
28 Apr 2017-Sensors
TL;DR: Secure Mobile Sensor Network (SMSN) Authentication Protocol as discussed by the authors is a lightweight and efficient key exchange and authentication protocol suite, which reduces the communication and computational complexity of the authentication process in WSNs.
Abstract: Authentication is one of the essential security services in Wireless Sensor Networks (WSNs) for ensuring secure data sessions. Sensor node authentication ensures the confidentiality and validity of data collected by the sensor node, whereas user authentication guarantees that only legitimate users can access the sensor data. In a mobile WSN, sensor and user nodes move across the network and exchange data with multiple nodes, thus experiencing the authentication process multiple times. The integration of WSNs with Internet of Things (IoT) brings forth a new kind of WSN architecture along with stricter security requirements; for instance, a sensor node or a user node may need to establish multiple concurrent secure data sessions. With concurrent data sessions, the frequency of the re-authentication process increases in proportion to the number of concurrent connections. Moreover, to establish multiple data sessions, it is essential that a protocol participant have the capability of running multiple instances of the protocol run, which makes the security issue even more challenging. The currently available authentication protocols were designed for the autonomous WSN and do not account for the above requirements. Hence, ensuring a lightweight and efficient authentication protocol has become more crucial. In this paper, we present a novel, lightweight and efficient key exchange and authentication protocol suite called the Secure Mobile Sensor Network (SMSN) Authentication Protocol. In the SMSN a mobile node goes through an initial authentication procedure and receives a re-authentication ticket from the base station. Later a mobile node can use this re-authentication ticket when establishing multiple data exchange sessions and/or when moving across the network. This scheme reduces the communication and computational complexity of the authentication process. We proved the strength of our protocol with rigorous security analysis (including formal analysis using the BAN-logic) and simulated the SMSN and previously proposed schemes in an automated protocol verifier tool. Finally, we compared the computational complexity and communication cost against well-known authentication protocols.

Journal ArticleDOI
TL;DR: A privacy‐aware two‐factor authentication protocol based on elliptic curve cryptography for WSNs is put forward and it is proved that the new protocol fulfills mutual authentication in the Burrows–Abadi–Needham logic.
Abstract: As one of the enabling components of the Internet of things (IoT), wireless sensor networks (WSNs) have found applications in a wide range of fields, in which outside users need to directly interact with sensors to obtain sensed data. However, WSNs are vulnerable to various attacks over wireless links, such as eavesdropping and tampering. How to ensure that sensitive or critical information is only available to legal users becomes a challenging issue. Two-factor authentication combining password and smart card perfectly matches this requirement because of its practicality. However, although a dozen two-factor authentication protocols have been suggested in recent years, owing to the challenging mission of reconciling efficiency and security requirements, it is still challenging to propose a privacy-aware two-factor protocol that is capable of providing various security features while maintaining acceptable efficiency. In this paper, we put forward a privacy-aware two-factor authentication protocol based on elliptic curve cryptography for WSNs. Our new protocol accomplishes various security features necessary for real-life application environments while maintaining acceptable efficiency. We prove that the new protocol fulfills mutual authentication in the Burrows–Abadi–Needham logic. Additionally, by way of informal security analysis, we show that the new protocol can withstand a variety of attacks and provide desirable security features. Copyright © 2016 John Wiley & Sons, Ltd.

Journal ArticleDOI
TL;DR: This paper presents a safe and reliable three-factor authentication scheme usable in multi-server environment and gives strong security as well as better complexity in the terms of communication cost, computation cost and estimated time.
Abstract: Recently, Wen et al. developed a three-factor authentication protocol for the multi-server environment, claiming it to be resistant to several kinds of attacks. In this paper, we review Wen et al.'s protocol and find that it does not fortify against many security vulnerabilities: (1) an inaccurate password change phase, (2) failure to achieve forward secrecy, (3) improper authentication, (4) a known session-specific temporary information vulnerability and (5) lack of smart card revocation and biometric update phases. To get rid of these security weaknesses, we present a safe and reliable three-factor authentication scheme usable in the multi-server environment. The Burrows–Abadi–Needham logic shows that our scheme is accurate, and the formal and informal security verifications show that it can defend against various spiteful threats. Further, we simulate our scheme using the widely known Automated Validation of Internet Security Protocols and Applications tool, which ensures that it is safe from active and passive attacks and also prevents replay and man-in-the-middle attacks. The performance evaluation shows that the presented protocol gives strong security as well as better complexity in terms of communication cost, computation cost and estimated time.

Journal ArticleDOI
Ruiguo Yu, Jianrong Wang, Tianyi Xu, Jie Gao, An Yongli, Zhang Gong, Mei Yu
TL;DR: This paper proposes an efficient privacy preserving algorithm to preserve the privacy of information in social networks and makes use of the recognition and nontampering of the block chain to store the user’s public key and bind to the block address, which is used for authentication.
Abstract: Community detection is an important aspect of social network analysis, but social factors such as user intimacy, influence, and user interaction behavior are often overlooked as important factors. Most of the existing methods are single-classification algorithms; multi-classification algorithms that can discover overlapping communities are still incomplete. In former works, we calculated intimacy based on the relationship between users, and divided them into their social communities based on intimacy. However, a malicious user can obtain the other users' relationships, thus inferring other users' interests, and even pretending to be another user to cheat others. Therefore the information users are concerned about needs to be transferred in a privacy-protecting manner. In this paper, we propose an efficient privacy-preserving algorithm to preserve the privacy of information in social networks. First, during expansion of communities on the basis of mined seeds, in order to protect against malicious users, we verify their identities after they send a request. We make use of the recognition and non-tampering properties of the block chain to store the user's public key and bind it to the block address, which is used for authentication. At the same time, in order to prevent honest-but-curious users from illegitimately accessing other users' information, we do not send plaintext directly after the authentication, but hash the attributes by mixed hash encryption to make sure that users can only calculate the matching degree rather than learn specific information about other users. Analysis shows that our protocol would serve well against different types of attacks.

Journal ArticleDOI
TL;DR: A novel lightweight key agreement and authentication protocol has been proposed for end-to-end security in wireless sensor networks and a performance comparison is made with the existing IKEv2 protocol.

Journal ArticleDOI
TL;DR: This paper proposes a secure and efficient authenticated session key establishment protocol which ensures various security features and overcomes the drawbacks of existing protocols and intends to implement the proposed protocol in real-world applications of WSNs and IoT.
Abstract: To improve the quality of service and reduce the possibility of security attacks, a secure and efficient user authentication mechanism is required for Wireless Sensor Networks (WSNs) and the Internet of Things (IoT). Session key establishment between the sensor node and the user is also required for secure communication. In this paper, we perform the security analysis of A. K. Das's user authentication scheme (given in 2015), Choi et al.'s scheme (given in 2016), and Park et al.'s scheme (given in 2016). The security analysis shows that their schemes are vulnerable to various attacks such as user impersonation attack, sensor node impersonation attack and attacks based on legitimate users. Based on the cryptanalysis of these existing protocols, we propose a secure and efficient authenticated session key establishment protocol which ensures various security features and overcomes the drawbacks of existing protocols. The formal and informal security analysis indicates that the proposed protocol withstands the various security vulnerabilities involved in WSNs. The automated validation using the AVISPA and Scyther tools ensures the absence of security attacks in our scheme. The logical verification using the Burrows-Abadi-Needham (BAN) logic confirms the correctness of the proposed protocol. Finally, the comparative analysis based on computational overhead and security features of other existing protocols indicates that the proposed user authentication system is secure and efficient. In the future, we intend to implement the proposed protocol in real-world applications of WSNs and IoT.

Journal ArticleDOI
TL;DR: This paper shows that He et al.
Abstract: The use of wireless medical sensor networks (WMSN) in healthcare has led to significant progress in this area. A WMSN can sense patients' vital signs and transmit the sensed signals to health monitoring devices, so that health professionals can monitor the status of patients. Confidentiality and patient privacy are the main concerns for the WMSN in health care. Recently, He et al. proposed an authentication protocol for healthcare applications using WMSN. In this paper, we show that He et al.'s scheme is insecure against various attacks. We also present an improved scheme. In the security analysis, we demonstrate that our scheme is secure against various attacks. We use the BAN logic to prove the correctness of the proposed scheme. As a result, the proposed protocol is practical for healthcare applications.

Journal ArticleDOI
TL;DR: This paper proposes an improved protocol to fix the security weakness of Li et al.
Abstract: A handover authentication protocol ensures secure and seamless roaming over multiple access points. A number of such protocols have been proposed, but most of them are inefficient or insecure. Very recently, Li et al. (Wireless Pers Commun 80(2):581–589, 2015) proposed a privacy-aware handover authentication protocol, and claimed their protocol to be more lightweight and secure than existing protocols. However, our analysis identifies that Li et al.'s protocol is insecure against access point impersonation attack. As a remedy, we propose an improved protocol to fix the security weakness of Li et al.'s protocol. The improved protocol achieves provable security in the random oracle model under the hardness assumptions of the elliptic curve discrete logarithm problem and the elliptic curve computational Diffie–Hellman problem. The proposed handover authentication protocol is also formally analyzed with the automated tool ProVerif. The improved protocol not only enhances the security but is also more lightweight than other related protocols.

Journal ArticleDOI
TL;DR: The analyses in the aspects of efficiency and security show that the proposed protocol based on elliptic curve cryptography is a better choice for mobile users.
Abstract: The primary goal of this research is to ensure secure communications by client-server architectures in the mobile environment. Although various two-party authenticated key exchange protocols have been proposed and claimed to be resistant to a variety of attacks, studies have shown that various loopholes exist in these protocols. What's more, many two-party authenticated key exchange protocols use a timestamp to prevent the replay attack and transmit the user's identity in plaintext form. Obviously, these methods lead to the clock synchronization problem and the user anonymity problem. Fortunately, the three-way challenge-response handshake technique and masking the user's original identity with a secret hash value, as used in our study, address these problems well. Of course, the proposed protocol based on elliptic curve cryptography also supports flawless mutual authentication of participants, agreement of a session key, impersonation attack resistance, replay attack resistance, and perfect forward secrecy. The analyses in the aspects of efficiency and security show that the proposed protocol is a better choice for mobile users.