Efficient remote user authentication scheme using smart cards
International Journal of Internet Technology and Secured Transactions
Security vulnerabilities of user authentication scheme using smart card
DBSec'12 Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy
Security analysis of a secure and practical dynamic identity-based remote user authentication scheme
WISM'12 Proceedings of the 2012 international conference on Web Information Systems and Mining
Hi-index | 0.43 |
In 2000, Sun proposed an efficient remote user authentication scheme using smart cards (published in IEEE Transactions on Consumer Electronics, vol. 46, no. 4, 2000) Recently, Chien et al. pointed out that Sun's scheme only achieve the unilateral authentication. That is, only the authentication server can authenticate that of the remote user while the use cannot authenticate that of the server. Chien et al. further proposed a new efficient and practical solution to achieve the mutual user authentication (published in Computer & Security, vol. 21, No. 4 2002). This paper, however, will demonstrate that Sun's scheme is vulnerable to the off-line and on-line password guessing attacks and Chien et al.'s scheme is vulnerable to the parallel session attack.