Examining Smart-Card Security under the Threat of Power Analysis Attacks
IEEE Transactions on Computers
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
A Remote Authentication Scheme Preserving User Anonymity
AINA '05 Proceedings of the 19th International Conference on Advanced Information Networking and Applications - Volume 2
Improved Remote User Authentication Scheme Preserving User Anonymity
CNSR '07 Proceedings of the Fifth Annual Conference on Communication Networks and Services Research
A more efficient and secure dynamic ID-based remote user authentication scheme
Computer Communications
WSEAS Transactions on Information Science and Applications
Two robust remote user authentication protocols using smart cards
Journal of Systems and Software
Weaknesses of a dynamic ID-based remote user authentication scheme
International Journal of Electronic Security and Digital Forensics
Secure Dynamic Identity-Based Authentication Scheme Using Smart Cards
Information Security Journal: A Global Perspective
Secure dynamic identity-based remote user authentication scheme
ICDCIT'10 Proceedings of the 6th international conference on Distributed Computing and Internet Technology
IEEE Transactions on Consumer Electronics
A dynamic ID-based remote user authentication scheme
IEEE Transactions on Consumer Electronics
Secure password-based remote user authentication scheme with non-tamper resistant smart cards
DBSec'12 Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy
On the security of an improved password authentication scheme based on ECC
ICICA'12 Proceedings of the Third international conference on Information Computing and Applications
Comments on an advanced dynamic ID-Based authentication scheme for cloud computing
WISM'12 Proceedings of the 2012 international conference on Web Information Systems and Mining
Security analysis of a secure and practical dynamic identity-based remote user authentication scheme
WISM'12 Proceedings of the 2012 international conference on Web Information Systems and Mining
NSS'12 Proceedings of the 6th international conference on Network and System Security
| Hi-index | 0.00 |
Anonymity is one of the important properties of remote authentication schemes to preserve user privacy. Recently, Sood et al. showed that Wang et al.'s dynamic ID-based remote user authentication scheme fails to preserve user anonymity and is vulnerable to various attacks if the smart card is non-tamper resistant. Consequently, an improved version of dynamic ID-based authentication scheme was proposed and claimed that it is efficient and secure. In this paper, however, we will show that Sood et al.'s scheme still cannot preserve user anonymity under their assumption. In addition, their scheme is also vulnerable to the offline password guessing attack and the stolen verifier attack. To remedy these security flaws, we propose an enhanced authentication scheme, which covers all the identified weaknesses of Sood et al.'s scheme and is more secure and efficient for practical application environment.