Recently, remote user authentication schemes are implemented on elliptic curve cryptosystem (ECC) to reduce the computation loads for mobile devices. However, most remote user authentication schemes on ECC are based on public-key cryptosystem, in which the public key in the system requires the associated certificate to prove its validity. Thus, the user needs to perform additional computations to verify the certificate in these schemes. In addition, we find these schemes do not provide mutual authentication or a session key agreement between the user and the remote server. Therefore, we propose an ID-based remote mutual authentication with key agreement scheme on ECC in this paper. Based upon the ID-based concept, the proposed scheme does not require public keys for users such that the additional computations for certificates can be reduced. Moreover, the proposed scheme not only provides mutual authentication but also supports a session key agreement between the user and the server. Compared with the related works, the proposed scheme is more efficient and practical for mobile devices.
