An efficient remote mutual authentication scheme using smart mobile phone over insecure networks

To establish a secure connection between a mobile user and a remote server, this paper presents a session key agreement scheme through remote mutual authentication protocol by using mobile application software(MAS). We analyzed the security of our protocol informally, which confirms that the protocol is secure against all the relevant security attacks including off-line identity-password guessing attacks, user-server impersonation attacks, and insider attack. In addition, the widely accepted simulator tool AVISPA simulates the proposed protocol and confirms that the protocol is SAFE under the OFMC and CL-AtSe back-ends. Our protocol not only provide strong security against the relevant attacks, but it also achieves proper mutual authentication, user anonymity, known key secrecy and efficient password change operation. The performance comparison is also performed, which ensures that the protocol is efficient in terms of computation and communication costs.