IEEE Spectrum
Undetectable on-line password guessing attacks
ACM SIGOPS Operating Systems Review
Password authentication with insecure communication
Communications of the ACM
Using encryption for authentication in large networks of computers
Communications of the ACM
Handbook of Applied Cryptography
Handbook of Applied Cryptography
An Improved Low Computation Cost User Authentication Scheme for Mobile Communication
AINA '05 Proceedings of the 19th International Conference on Advanced Information Networking and Applications - Volume 2
A new remote user authentication scheme using smart cards
IEEE Transactions on Consumer Electronics
An efficient remote use authentication scheme using smart cards
IEEE Transactions on Consumer Electronics
Two-factor mutual authentication based on smart cards and passwords
Journal of Computer and System Sciences
Formal analysis and systematic construction of two-factor authentication scheme (short paper)
ICICS'06 Proceedings of the 8th international conference on Information and Communications Security
Robust smart-cards-based user authentication scheme with user anonymity
Security and Communication Networks
| Hi-index | 0.00 |
In 2004, Wu-Chieu proposed improvements to their original authentication scheme in order to strengthen it to withstand impersonation attacks. In 2005, Lee-Lin-Chang proposed improvements on Wu-Chieu’s original scheme so that not only could it withstand a forgery attack, but it required less computational costs and it was suitable for mobile communication. The current paper, however, demonstrates that Wu-Chieu’s improved scheme is vulnerable to an off-line password guessing attack and an impersonation attack by the use of a stolen smart card. Also, we demonstrates that Lee-Lin-Chang’s scheme is vulnerable to a forgery attack. Furthermore, we present a new authentication scheme based on a one-way hash function and Diffie-Hellman key exchange in order to isolate such problems and to provide mutual authentication between the user and the remote system.