Security Vulnerabilities of a Remote User Authentication Scheme Using Smart Cards Suited for a Multi-server Environment

Authors:
Youngsook Lee;Dongho Won
Affiliations:
Department of Cyber Investigation Police, Howon University, Korea;Department of Computer Engineering, Sungkyunkwan University, Korea
Venue:
ICCSA '09 Proceedings of the International Conference on Computational Science and Its Applications: Part II
Year:
2009

Citing 16
Cited 0

Authentication and authenticated key exchanges

Designs, Codes and Cryptography
An attack on the Needham-Schroeder public-key authentication protocol

Information Processing Letters
Password authentication with insecure communication

Communications of the ACM
Examining Smart-Card Security under the Threat of Power Analysis Attacks

IEEE Transactions on Computers
Differential Power Analysis

CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
A Flexible User Authentication Scheme for Multi-server Internet Services

ICN '01 Proceedings of the First International Conference on Networking-Part 1
An Efficient and Secure Multi-Server Password Authentication Scheme using Smart Cards

CW '04 Proceedings of the 2004 International Conference on Cyberworlds
An Efficient Multi-Server Password Authenticated Key Agreement Scheme Using Smart Cards with Access Control

AINA '05 Proceedings of the 19th International Conference on Advanced Information Networking and Applications - Volume 2
A Password-Based Authentication and Key Establishment Scheme for Mobile Environment

AINAW '07 Proceedings of the 21st International Conference on Advanced Information Networking and Applications Workshops - Volume 02
Security Weaknesses in Chang and Wu's Key Agreement Protocol for a Multi-Server Environment

ICEBE '08 Proceedings of the 2008 IEEE International Conference on e-Business Engineering
Security enhancement for password authentication schemes with smart cards

TrustBus'05 Proceedings of the Second international conference on Trust, Privacy, and Security in Digital Business
A simple remote user authentication scheme

Mathematical and Computer Modelling: An International Journal
A new remote user authentication scheme using smart cards

IEEE Transactions on Consumer Electronics
An efficient remote use authentication scheme using smart cards

IEEE Transactions on Consumer Electronics
Efficient multi-server password authenticated key agreement using smart cards

IEEE Transactions on Consumer Electronics
A remote password authentication scheme for multiserver architecture using neural networks

IEEE Transactions on Neural Networks

Quantified Score

Hi-index	0.00

Visualization

Abstract

Recently, Liu et al. have proposed an efficient scheme for a remote user authentication using smart cards suited for a multi-server environment. This work reviews Liu et al,'s scheme and provides a security analysis on the scheme. Our analysis shows that Liu et al.'s scheme does not achieve its fundamental goal not only of mutual authentication bur also of password security. We demonstrate these by mounting a user impersonation attack and an off-line password guessing attack, respectively, on Liu et al.'s scheme.