Identity-based cryptosystems and signature schemes
Proceedings of CRYPTO 84 on Advances in cryptology
A security risk of depending on synchronized clocks
ACM SIGOPS Operating Systems Review
Entity authentication and key distribution
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Undetectable on-line password guessing attacks
ACM SIGOPS Operating Systems Review
Password authentication with insecure communication
Communications of the ACM
Examining Smart-Card Security under the Threat of Power Analysis Attacks
IEEE Transactions on Computers
A remote user authentication scheme using hash functions
ACM SIGOPS Operating Systems Review
One Way Hash Functions and DES
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Performance Analysis of Cryptographic Protocols on Handheld Devices
NCA '04 Proceedings of the Network Computing and Applications, Third IEEE International Symposium
A Remote Authentication Scheme Preserving User Anonymity
AINA '05 Proceedings of the 19th International Conference on Advanced Information Networking and Applications - Volume 2
Security Enhancement for a Dynamic ID-Based Remote User Authentication Scheme
NWESP '05 Proceedings of the International Conference on Next Generation Web Services Practices
A Novel User Authentication Scheme Using Smart Cards
CSSE '08 Proceedings of the 2008 International Conference on Computer Science and Software Engineering - Volume 03
A more efficient and secure dynamic ID-based remote user authentication scheme
Computer Communications
Cryptanalysis of two three-party encrypted key exchange protocols
Computer Standards & Interfaces
DoS-resistant ID-based password authentication scheme using smart cards
Journal of Systems and Software
A new remote user authentication scheme using smart cards
IEEE Transactions on Consumer Electronics
An efficient remote use authentication scheme using smart cards
IEEE Transactions on Consumer Electronics
A modified remote user authentication scheme using smart cards
IEEE Transactions on Consumer Electronics
A remote user authentication scheme using smart cards with forward secrecy
IEEE Transactions on Consumer Electronics
IEEE Transactions on Consumer Electronics
A dynamic ID-based remote user authentication scheme
IEEE Transactions on Consumer Electronics
Cryptanalysis and improvement of sood et al.'s dynamic ID-Based authentication scheme
ICDCIT'12 Proceedings of the 8th international conference on Distributed Computing and Internet Technology
Review: Dynamic ID-based remote user password authentication schemes using smart cards: A review
Journal of Network and Computer Applications
On the security of an improved password authentication scheme based on ECC
ICICA'12 Proceedings of the Third international conference on Information Computing and Applications
An improved dynamic ID-based remote user authentication with key agreement scheme
Journal of Electrical and Computer Engineering
Hi-index | 0.00 |
With the rapid growth of electronic commerce and enormous demand from variants of Internet based applications, strong privacy protection and robust system security have become essential requirements for an authentication scheme or universal access control mechanism. In order to reduce implementation complexity and achieve computation efficiency, design issues for efficient and secure password based remote user authentication scheme have been extensively investigated by research community in these two decades. Recently, two well-designed password based authentication schemes using smart cards are introduced by Hsiang and Shih (2009) and Wang et al. (2009), respectively. Hsiang et al. proposed a static ID based authentication protocol and Wang et al. presented a dynamic ID based authentication scheme. The authors of both schemes claimed that their protocol delivers important security features and system functionalities, such as mutual authentication, data security, no verification table implementation, freedom on password selection, resistance against ID-theft attack, replay attack and insider attack, as well as computation efficiency. However, these two schemes still have much space for security enhancement. In this paper, we first demonstrate a series of vulnerabilities on these two schemes. Then, two enhanced protocols with corresponding remedies are proposed to eliminate all identified security flaws in both schemes.