Two robust remote user authentication protocols using smart cards

Authors:
Kuo-Hui Yeh;Chunhua Su;N. W. Lo;Yingjiu Li;Yi-Xiang Hung
Affiliations:
Department of Information Management, National Taiwan University of Science and Technology, Taipei, 106, Taiwan, ROC;School of Information Systems, Singapore Management University, Singapore 178902, Singapore;Department of Information Management, National Taiwan University of Science and Technology, Taipei, 106, Taiwan, ROC;School of Information Systems, Singapore Management University, Singapore 178902, Singapore;Department of Information Management, National Taiwan University of Science and Technology, Taipei, 106, Taiwan, ROC
Venue:
Journal of Systems and Software
Year:
2010

Citing 23
Cited 6

Identity-based cryptosystems and signature schemes

Proceedings of CRYPTO 84 on Advances in cryptology
A security risk of depending on synchronized clocks

ACM SIGOPS Operating Systems Review
Entity authentication and key distribution

CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Undetectable on-line password guessing attacks

ACM SIGOPS Operating Systems Review
Password authentication with insecure communication

Communications of the ACM
A flexible remote user authentication scheme using smart cards
Examining Smart-Card Security under the Threat of Power Analysis Attacks

IEEE Transactions on Computers
A remote user authentication scheme using hash functions

ACM SIGOPS Operating Systems Review
One Way Hash Functions and DES

CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Performance Analysis of Cryptographic Protocols on Handheld Devices

NCA '04 Proceedings of the Network Computing and Applications, Third IEEE International Symposium
A Remote Authentication Scheme Preserving User Anonymity

AINA '05 Proceedings of the 19th International Conference on Advanced Information Networking and Applications - Volume 2
Security Enhancement for a Dynamic ID-Based Remote User Authentication Scheme

NWESP '05 Proceedings of the International Conference on Next Generation Web Services Practices
A Novel User Authentication Scheme Using Smart Cards

CSSE '08 Proceedings of the 2008 International Conference on Computer Science and Software Engineering - Volume 03
A more efficient and secure dynamic ID-based remote user authentication scheme

Computer Communications
Weaknesses and improvements of the Yoon-Ryu-Yoo remote user authentication scheme using smart cards

Computer Communications
Cryptanalysis of two three-party encrypted key exchange protocols

Computer Standards & Interfaces
DoS-resistant ID-based password authentication scheme using smart cards

Journal of Systems and Software
A new remote user authentication scheme using smart cards

IEEE Transactions on Consumer Electronics
An efficient remote use authentication scheme using smart cards

IEEE Transactions on Consumer Electronics
A modified remote user authentication scheme using smart cards

IEEE Transactions on Consumer Electronics
A remote user authentication scheme using smart cards with forward secrecy

IEEE Transactions on Consumer Electronics
Further improvement of an efficient password based remote user authentication scheme using smart cards

IEEE Transactions on Consumer Electronics
A dynamic ID-based remote user authentication scheme

IEEE Transactions on Consumer Electronics

Cryptanalysis and improvement of sood et al.'s dynamic ID-Based authentication scheme

ICDCIT'12 Proceedings of the 8th international conference on Distributed Computing and Internet Technology
Review: Dynamic ID-based remote user password authentication schemes using smart cards: A review

Journal of Network and Computer Applications
On the security of an improved password authentication scheme based on ECC

ICICA'12 Proceedings of the Third international conference on Information Computing and Applications
Cryptanalysis of a remote user authentication scheme for mobile client-server environment based on ECC

Information Fusion
An Efficient Chaotic Maps-Based Authentication and Key Agreement Scheme Using Smartcards for Telecare Medicine Information Systems

Journal of Medical Systems
An improved dynamic ID-based remote user authentication with key agreement scheme

Journal of Electrical and Computer Engineering

Quantified Score

Hi-index	0.00

Visualization

Abstract

With the rapid growth of electronic commerce and enormous demand from variants of Internet based applications, strong privacy protection and robust system security have become essential requirements for an authentication scheme or universal access control mechanism. In order to reduce implementation complexity and achieve computation efficiency, design issues for efficient and secure password based remote user authentication scheme have been extensively investigated by research community in these two decades. Recently, two well-designed password based authentication schemes using smart cards are introduced by Hsiang and Shih (2009) and Wang et al. (2009), respectively. Hsiang et al. proposed a static ID based authentication protocol and Wang et al. presented a dynamic ID based authentication scheme. The authors of both schemes claimed that their protocol delivers important security features and system functionalities, such as mutual authentication, data security, no verification table implementation, freedom on password selection, resistance against ID-theft attack, replay attack and insider attack, as well as computation efficiency. However, these two schemes still have much space for security enhancement. In this paper, we first demonstrate a series of vulnerabilities on these two schemes. Then, two enhanced protocols with corresponding remedies are proposed to eliminate all identified security flaws in both schemes.