An Enhanced Remote Authentication Scheme using Secure Key Exchange Protocol with Platform Integrity Attestation

Most remote authentication schemes use key exchange protocol to provide secure communication over an untrusted network. The protocol enables remote client and host to authenticate each other and communicate securely with prearranged shared secret key or server secret key. Many remote services environment such as online banking and electronic commerce are dependent on remote authentication schemes to validate user legitimacy in order to fulfill the authentication process. Unfortunately, these schemes are not able to provide trust or evidence of claimed platform identity. Therefore, these schemes are vulnerable to malicious software attacks that could compromise the integrity of the platform used for the communication. As a result, user identity or shared secret key potentially can be exposed. In this paper, we present a remote authentication scheme using secure key exchange protocol with hardware based attestation to resist malicious software attack. In addition, a pseudonym identity enhancement is integrated into the scheme in order to improve user identity privacy.