Submit

Login Login

Register Register

Home / Journals / CMC / Online First / doi:10.32604/cmc.2025.073550
Journal Menu
Special Issues
Table of Content

All issues

Online First

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Open Access

ARTICLE

Heterogeneous User Authentication and Key Establishment Protocol for Client-Server Environment

Huihui Zhu1, Fei Tang2,*, Chunhua Jin3, Ping Wang1
1 School of Computer Science and Technology, Chongqing University of Posts and Telecommunications, Chongqing, 400065, China
2 School of Cyber Security and Information Law, Chongqing University of Posts and Telecommunications, Chongqing, 400065, China
3 Faculty of Computer and Software Engineering, Huaiyin Institute of Technology, Huai’an, 233003, China
* Corresponding Author: Fei Tang. Email: email
(This article belongs to the Special Issue: Privacy-Enhancing Technologies for Secure Data Cooperation and Circulation)

Computers, Materials & Continua https://doi.org/10.32604/cmc.2025.073550

Received 20 September 2025; Accepted 10 November 2025; Published online 05 December 2025

Abstract

The ubiquitous adoption of mobile devices as essential platforms for sensitive data transmission has heightened the demand for secure client-server communication. Although various authentication and key agreement protocols have been developed, current approaches are constrained by homogeneous cryptosystem frameworks, namely public key infrastructure (PKI), identity-based cryptography (IBC), or certificateless cryptography (CLC), each presenting limitations in client-server architectures. Specifically, PKI incurs certificate management overhead, IBC introduces key escrow risks, and CLC encounters cross-system interoperability challenges. To overcome these shortcomings, this study introduces a heterogeneous signcryption-based authentication and key agreement protocol that synergistically integrates IBC for client operations (eliminating PKI’s certificate dependency) with CLC for server implementation (mitigating IBC’s key escrow issue while preserving efficiency). Rigorous security analysis under the mBR (modified Bellare-Rogaway) model confirms the protocol’s resistance to adaptive chosen-ciphertext attacks. Quantitative comparisons demonstrate that the proposed protocol achieves 10.08%–71.34% lower communication overhead than existing schemes across multiple security levels (80-, 112-, and 128-bit) compared to existing protocols.

Keywords

User authentication; key establishment; client-server; heterogeneous; security

  • 97

    View

  • 17

    Download

  • 0

    Like

Related articles
Copyright© 2025 Tech Science Press
© 1997-2025 TSP (Henderson, USA) unless otherwise stated

Share Link