@Article{cmc.2025.073550,
AUTHOR = {Huihui Zhu, Fei Tang, Chunhua Jin, Ping Wang},
TITLE = {Heterogeneous User Authentication and Key Establishment Protocol for Client-Server Environment},
JOURNAL = {Computers, Materials \& Continua},
VOLUME = {87},
YEAR = {2026},
NUMBER = {1},
PAGES = {--},
URL = {http://www.techscience.com/cmc/v87n1/66067},
ISSN = {1546-2226},
ABSTRACT = {The ubiquitous adoption of mobile devices as essential platforms for sensitive data transmission has heightened the demand for secure client-server communication. Although various authentication and key agreement protocols have been developed, current approaches are constrained by homogeneous cryptosystem frameworks, namely public key infrastructure (PKI), identity-based cryptography (IBC), or certificateless cryptography (CLC), each presenting limitations in client-server architectures. Specifically, PKI incurs certificate management overhead, IBC introduces key escrow risks, and CLC encounters cross-system interoperability challenges. To overcome these shortcomings, this study introduces a heterogeneous signcryption-based authentication and key agreement protocol that synergistically integrates IBC for client operations (eliminating PKI’s certificate dependency) with CLC for server implementation (mitigating IBC’s key escrow issue while preserving efficiency). Rigorous security analysis under the mBR (modified Bellare-Rogaway) model confirms the protocol’s resistance to adaptive chosen-ciphertext attacks. Quantitative comparisons demonstrate that the proposed protocol achieves 10.08%–71.34% lower communication overhead than existing schemes across multiple security levels (80-, 112-, and 128-bit) compared to existing protocols.},
DOI = {10.32604/cmc.2025.073550}
}