A new mutual authentication scheme based on nonce and smart cards

Authors:
Jia-Yong Liu;An-Min Zhou;Min-Xu Gao
Affiliations:
Institute of Information Security, Sichuan University, No. 24, South Sectioin 1, Yihuan Road, Chengdu, Sichuan 610065, China;Institute of Information Security, Sichuan University, No. 24, South Sectioin 1, Yihuan Road, Chengdu, Sichuan 610065, China;Institute of Information Security, Sichuan University, No. 24, South Sectioin 1, Yihuan Road, Chengdu, Sichuan 610065, China
Venue:
Computer Communications
Year:
2008

Citing 1
Cited 12

Security improvement on a timestamp-based password authentication scheme

IEEE Transactions on Consumer Electronics

Short Communication: Cryptanalysis of a mutual authentication scheme based on nonce and smart cards

Computer Communications
Weaknesses and improvement of Wang et al.'s remote user password authentication scheme for resource-limited environments

Computer Standards & Interfaces
A secure remote authentication scheme preserving user anonymity with non-tamper resistant smart cards

WSEAS Transactions on Information Science and Applications
Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart cards

Journal of Network and Computer Applications
Robust authentication and key agreement scheme preserving the privacy of secret key

Computer Communications
Robust one-time password authentication scheme using smart card for home network environment

Computer Communications
Location-based authentication protocol for first cognitive radio networking standard

Journal of Network and Computer Applications
Cryptanalysis of nonce-based mutual authentication scheme using smart cards

ICHIT'11 Proceedings of the 5th international conference on Convergence and hybrid information technology
An improved timestamp-based remote user authentication scheme

Computers and Electrical Engineering
An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards

Journal of Network and Computer Applications
A More Secure Authentication Scheme for Telecare Medicine Information Systems

Journal of Medical Systems
A Secure Authentication Scheme for Telecare Medicine Information Systems

Journal of Medical Systems

Quantified Score

Hi-index	0.24

Visualization

Abstract

In 2003, Shen, Lin and Hwang proposed a timestamp-based password authentication scheme using smart card. In the scheme the remote server does not need to store the passwords or verification tables for users' authentication, and the scheme also provides a timestamp-based mutual authentication method to prevent the forged login attack and the forged server attack. However, this authentication scheme has been found to be vulnerable to forged login attack; an attacker could impersonate legitimate users to login and access the remote server. To solve this problem, an improved scheme will be proposed in this paper, which is based on nonce instead of timestamp and can withstand the existing forged attacks. The security analysis shows that the improved scheme still keeps the features of the non-storage data model authentication scheme, will not add additional computation cost to the smart card, and is more secure and more applicable than Shen's scheme.