Premium
A new privacy‐preserving authentication protocol for anonymous web browsing
Author(s) -
Yang Xu,
Yi Xun,
Khalil Ibrahim,
Cui Hui,
Yang Xuechao,
Nepal Surya,
Huang Xinyi,
Zeng Yali
Publication year - 2018
Publication title -
concurrency and computation: practice and experience
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.309
H-Index - 67
eISSN - 1532-0634
pISSN - 1532-0626
DOI - 10.1002/cpe.4706
Subject(s) - computer science , anonymity , computer security , authentication protocol , authentication (law) , protocol (science) , challenge handshake authentication protocol , world wide web , computer network , internet privacy , medicine , alternative medicine , pathology
Summary Anonymous authentication technique receives wide attention in recent years since it can protect users' privacy. Anonymous web browsing refers to utilization of the World Wide Web that hides a user's personally identifiable information from the websites visited. Even if a user can hide the IP address and other physical information with anonymity programs such as Tor, the web server can always monitor the user on the basis of the identity. In this paper, we firstly give an overview and cryptanalysis on the protocol of Yang et al and point out the security weaknesses of their protocol. Then, we propose a new authentication protocol for anonymous web browsing. In the proposed protocol, we take the advantages of a pseudo identity mechanism and an identity‐based elliptic curve cryptography algorithm to achieve user anonymity, robust security, and high efficiency. The result of security analysis and performance evaluation indicate the feasibility and practicality of our proposed anonymous authentication protocol.