Examining Smart-Card Security under the Threat of Power Analysis Attacks
IEEE Transactions on Computers
A Remote Authentication Scheme Preserving User Anonymity
AINA '05 Proceedings of the 19th International Conference on Advanced Information Networking and Applications - Volume 2
Security Enhancement for a Dynamic ID-Based Remote User Authentication Scheme
NWESP '05 Proceedings of the International Conference on Next Generation Web Services Practices
A password authentication scheme over insecure networks
Journal of Computer and System Sciences
An Anonymous Digital Cash and Fair Payment Protocol Utilizing Smart Card in Mobile Environments
GCCW '06 Proceedings of the Fifth International Conference on Grid and Cooperative Computing Workshops
Password-Based Access Control Scheme with Remote User Authentication Using Smart Cards
AINAW '07 Proceedings of the 21st International Conference on Advanced Information Networking and Applications Workshops - Volume 02
Improved Remote User Authentication Scheme Preserving User Anonymity
CNSR '07 Proceedings of the Fifth Annual Conference on Communication Networks and Services Research
Cryptanalysis and Improvement of an "Improved Remote Authentication Scheme with Smart Card'
ARES '08 Proceedings of the 2008 Third International Conference on Availability, Reliability and Security
A new mutual authentication scheme based on nonce and smart cards
Computer Communications
Anonymous and Traceable Authentication Scheme using Smart Cards
ISA '08 Proceedings of the 2008 International Conference on Information Security and Assurance (isa 2008)
EARS: Efficient Entity Authentication in Remote Systems
ITNG '08 Proceedings of the Fifth International Conference on Information Technology: New Generations
A Simple and Secure Authentication and Key Establishment Protocol
ICETET '08 Proceedings of the 2008 First International Conference on Emerging Trends in Engineering and Technology
Improvement of Wang-Li's Forward-Secure User Authentication Scheme with Smart Cards
ISDA '08 Proceedings of the 2008 Eighth International Conference on Intelligent Systems Design and Applications - Volume 01
More secure remote user authentication scheme
Computer Communications
Computer Standards & Interfaces
Successfully attacking masked AES hardware implementations
CHES'05 Proceedings of the 7th international conference on Cryptographic hardware and embedded systems
On second-order differential power analysis
CHES'05 Proceedings of the 7th international conference on Cryptographic hardware and embedded systems
A simple remote user authentication scheme
Mathematical and Computer Modelling: An International Journal
IEEE Transactions on Consumer Electronics
IEEE Transactions on Consumer Electronics
A dynamic ID-based remote user authentication scheme
IEEE Transactions on Consumer Electronics
Cryptanalysis and improvement of sood et al.'s dynamic ID-Based authentication scheme
ICDCIT'12 Proceedings of the 8th international conference on Distributed Computing and Internet Technology
A new dynamic ID-Based remote user authentication scheme with forward secrecy
APWeb'12 Proceedings of the 14th international conference on Web Technologies and Applications
Hi-index | 0.00 |
Anonymity is one of the important properties of remote authentication schemes to preserve user privacy. Besides, it can avoid unauthorized entities from using the user ID and other intercepted information to forge legal login messages. In 2004, Das et al. first proposed a remote user authentication scheme with smart cards using dynamic ID to protect user anonymity. Later, in 2005, Chien and Chen demonstrated that Das et al.'s scheme fails to preserve user anonymity and then presented a new scheme to remedy this problem. In 2007, Hu et al. pointed out that Chien-Chen's scheme cannot preserve user anonymity if the smart card is nontamper resistant; i.e., the secret information stored in the smart card can be revealed. They then proposed an improved scheme to cope with this problem. In this paper, however, we will show that Hu et al.'s scheme still cannot preserve user anonymity under their assumption. In addition, their scheme is also vulnerable to the offline password guessing attack. We then present an improvement to overcome these weaknesses, while preserving all the merits of their scheme.