Secure dynamic identity-based remote user authentication scheme

  • Authors:

  • Sandeep K. Sood;Anil K. Sarje;Kuldip Singh

  • Affiliations:

  • Department of Electronics S Computer Engineering, Indian Institute of Technology, Roorkee, India;Department of Electronics S Computer Engineering, Indian Institute of Technology, Roorkee, India;Department of Electronics S Computer Engineering, Indian Institute of Technology, Roorkee, India

  • Venue:
  • ICDCIT'10 Proceedings of the 6th international conference on Distributed Computing and Internet Technology
  • Year:
  • 2010

Quantified Score

Hi-index 0.00

Visualization

Abstract

In 2000, Sun proposed an efficient smart card based remote user authentication scheme to improve the efficiency of Hwang and Li’s scheme. In 2002, Chien et al. demonstrated that Sun’s scheme only achieves unilateral user authentication so that only authentication server authenticates the legitimacy of the remote user and proposed a new remote user authentication scheme. In 2004, Hsu demonstrated that Chien et al.’s scheme is vulnerable to parallel session attack. In 2005, Lee et al. proposed an improved scheme to overcome this weakness while maintaining the merits of Chien et al.’s scheme. In 2005, Yoon and Yoo found that Lee et al.’s scheme is vulnerable to masquerading server attack and proposed an improved scheme. In 2009, Xu et al. demonstrated that Lee et al.’s scheme is vulnerable to offline password guessing attack and proposed an improved scheme. However, we found that Lee et al.’s scheme is also vulnerable to impersonation attack, malicious user attack and reflection attack. Moreover, Lee et al.’s scheme fails to protect the user’s anonymity in insecure communication channel. This paper presents an improved scheme to resolves the aforementioned problems, while keeping the merits of Lee et al.’s scheme.