Weaknesses and improvements of the Yoon-Ryu-Yoo remote user authentication scheme using smart cards

Authors:
Han-Cheng Hsiang;Wei-Kuan Shih
Affiliations:
Department of Computer Science, National Tsing Hua University, No. 101, Kuang Fu Rd, Sec. 2, 300 HsingChu, Taiwan and Department of Information Management, Vanung University of Science and Technol ...;Department of Computer Science, National Tsing Hua University, No. 101, Kuang Fu Rd, Sec. 2, 300 HsingChu, Taiwan
Venue:
Computer Communications
Year:
2009

Citing 6
Cited 12

Shared authentication token secure against replay and weak key attacks

Information Processing Letters
Password authentication with insecure communication

Communications of the ACM
Examining Smart-Card Security under the Threat of Power Analysis Attacks

IEEE Transactions on Computers
A new remote user authentication scheme using smart cards

IEEE Transactions on Consumer Electronics
Weaknesses and improvements of an efficient password based remote user authentication scheme using smart cards

IEEE Transactions on Consumer Electronics
Further improvement of an efficient password based remote user authentication scheme using smart cards

IEEE Transactions on Consumer Electronics

An improvement of Hsiang-Shih's authentication scheme using smart cards

Proceedings of the International Conference and Workshop on Emerging Trends in Technology
A secure remote authentication scheme preserving user anonymity with non-tamper resistant smart cards

WSEAS Transactions on Information Science and Applications
Two robust remote user authentication protocols using smart cards

Journal of Systems and Software
Robust authentication and key agreement scheme preserving the privacy of secret key

Computer Communications
Robust one-time password authentication scheme using smart card for home network environment

Computer Communications
An RFID secure authentication mechanism in WLAN

Computer Communications
An efficient anonymous authentication protocol for mobile pay-TV

Journal of Network and Computer Applications
AUTHHOTP- HOTP based authentication scheme over home network environment

ICCSA'11 Proceedings of the 2011 international conference on Computational science and its applications - Volume Part III
Cryptanalysis and improvement of sood et al.'s dynamic ID-Based authentication scheme

ICDCIT'12 Proceedings of the 8th international conference on Distributed Computing and Internet Technology
Review: Dynamic ID-based remote user password authentication schemes using smart cards: A review

Journal of Network and Computer Applications
A password authentication scheme against smart card security breach

ICICA'12 Proceedings of the Third international conference on Information Computing and Applications
An improved dynamic ID-based remote user authentication with key agreement scheme

Journal of Electrical and Computer Engineering

Quantified Score

Hi-index	0.24

Visualization

Abstract

Remote user authentication scheme is a procedure which allows a server to authenticate a remote user through insecure channel. Recently, Yoon, Ryu and Yoo made an enhancement based on Ku-Chen's remote user authentication scheme by using smart cards. The scheme has the merits of providing mutual authentication, no verification table, freely choosing password, involving only few hashing operations and parallel session attack resistance. In this paper, we point out security flaws of Yoon-Ryu-Yoo's protocols against masquerading attack, off-line password guessing attacks and parallel session attack. An improvement to enhance Yoon-Ryu-Yoo's security scheme is proposed.