Shared authentication token secure against replay and weak key attacks
Information Processing Letters
Password authentication with insecure communication
Communications of the ACM
Cryptanalysis and improvement on two efficient remote user authentication scheme using smart cards
Computer Standards & Interfaces
Finding collisions in the full SHA-1
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
How to break MD5 and other hash functions
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
A new remote user authentication scheme using smart cards
IEEE Transactions on Consumer Electronics
An efficient remote use authentication scheme using smart cards
IEEE Transactions on Consumer Electronics
Cryptanalysis of a remote user authentication scheme using smart cards
IEEE Transactions on Consumer Electronics
IEEE Transactions on Consumer Electronics
IEEE Transactions on Consumer Electronics
An efficient anonymous authentication protocol for mobile pay-TV
Journal of Network and Computer Applications
Biometric encryption based on a fuzzy vault scheme with a fast chaff generation algorithm
Future Generation Computer Systems
A New Password-Based Multi-server Authentication Scheme Robust to Password Guessing Attacks
Wireless Personal Communications: An International Journal
Robust smart card secured authentication scheme on SIP using Elliptic Curve Cryptography
Computer Standards & Interfaces
Hi-index | 0.00 |
With the current level of development of network technologies, various business activities take place on the Internet, and therefore how to assure the security of these activities over an insecure communication channel has become one of the most important issues. Authentication is the first step to protect users. Recently, Wang et al. proposed a remote user authentication scheme using smart cards to provide users with secure activities over an insecure Internet environment. Wang et al. claimed that their scheme is secured against guessing attacks, forgery attacks and denial of service (DoS) attacks which Ku et al.'s and Yoon et al.'s schemes suffered from. In this paper, we state that Wang et al.'s scheme is still vulnerable to the impersonation attack and parallel session attack. Furthermore, we propose an enhancement of Wang et al.'s scheme and provide the criteria of authentication scheme which secures a user against the risk of attack over an insecure Internet environment, for instance, session key agreement, mutual authentication and perfect forward secrecy. Moreover, we analyze the security of our scheme and prove that ours is suitable for applications with high security requirements.