Advanced smart card based password authentication protocol

Authors:
Ronggong Song
Affiliations:
Network Information Operation, Defence R&D Canada-Ottawa, Ontario K1A0Z4, Canada
Venue:
Computer Standards & Interfaces
Year:
2010

Citing 9
Cited 8

Password authentication with insecure communication

Communications of the ACM
Handbook of Applied Cryptography

Handbook of Applied Cryptography
The Design of a High Speed ASIC Unit for the Hash Function SHA-256 (384, 512)

Proceedings of the conference on Design, automation and test in Europe - Volume 3
An improved smart card based password authentication scheme with provable security

Computer Standards & Interfaces
Two-factor user authentication in wireless sensor networks

IEEE Transactions on Wireless Communications
A case against currently used hash functions in RFID protocols

OTM'06 Proceedings of the 2006 international conference on On the Move to Meaningful Internet Systems: AWeSOMe, CAMS, COMINF, IS, KSinBIT, MIOS-CIAO, MONET - Volume Part I
A new remote user authentication scheme using smart cards

IEEE Transactions on Consumer Electronics
An enhanced remote user authentication scheme using smart cards

IEEE Transactions on Consumer Electronics
New remote user authentication scheme using smart cards

IEEE Transactions on Consumer Electronics

An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards

Journal of Network and Computer Applications
Security analysis of a multi-factor authenticated key exchange protocol

ACNS'12 Proceedings of the 10th international conference on Applied Cryptography and Network Security
Security vulnerabilities of user authentication scheme using smart card

DBSec'12 Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy
On the security of an improved password authentication scheme based on ECC

ICICA'12 Proceedings of the Third international conference on Information Computing and Applications
A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks

Journal of Network and Computer Applications
Robust and flexible tunnel management for secure private cloud

ACM SIGAPP Applied Computing Review
A lightweight dynamic pseudonym identity based authentication and key agreement protocol without verification tables for multi-server architecture

Journal of Computer and System Sciences
Cryptanalysis and improvement of a DoS-resistant ID-based password authentication scheme without using smart card

International Journal of Information and Communication Technology

Quantified Score

Hi-index	0.00

Visualization

Abstract

Password-based authentication is widely used for systems that control remote access to computer networks. In order to address some of the security and management problems that occur in traditional password authentication protocols, research in recent decades has focused on smart card based password authentication. In this paper, we show that the improved smart card authentication scheme proposed by Xu-Zhu-Feng is vulnerable to internal and impersonation attacks. We propose an improvement of their solution, present a new efficient strong smart card authentication protocol, and demonstrate that the new protocol satisfies the requirements of strong smart card authentication and is more efficient.