A robust remote user authentication scheme against smart card security breach

  • Authors:

  • Chun-Ta Li;Cheng-Chi Lee;Chen-Ju Liu;Chin-Wen Lee

  • Affiliations:

  • Department of Information Management, Tainan University of Technology, Tainan City, Taiwan, R.O.C.;Department of Library and Information Science, Fu Jen Catholic University, New Taipei City, Taiwan, R.O.C. and Department of Photonics and Communication Engineering, Asia University, Taichung City ...;Department of Information Management, Tainan University of Technology, Tainan City, Taiwan, R.O.C.;Department of Information Management, Tainan University of Technology, Tainan City, Taiwan, R.O.C.

  • Venue:
  • DBSec'11 Proceedings of the 25th annual IFIP WG 11.3 conference on Data and applications security and privacy
  • Year:
  • 2011

Quantified Score

Hi-index 0.00

Visualization

Abstract

Remote user authentication is important to identify whether communicating parties are genuine and trustworthy using the password and the smart card between a login user and a remote server. Recently, we find that Kim et al.'s password-based authentication scheme assume that the attacker cannot extract the secret information of the smart card. However, in reality, the authors in show that the secrets stored in the card can be extracted by monitoring its power consumption. Therefore, Kim et al.'s scheme fail to resist smart card security breach. As the main contribution of this paper, a robust remote user authentication scheme against smart card security breach is presented, while keeping the merits of the well-known smart card based authentication schemes.