Security vulnerabilities of user authentication scheme using smart card

Authors:
Ravi Singh Pippal;Jaidhar C.D.;Shashikala Tapaswi
Affiliations:
ABV-Indian Institute of Information Technology and Management, Gwalior, India;Defence Institute of Advanced Technology, Girinagar, Pune, India;ABV-Indian Institute of Information Technology and Management, Gwalior, India
Venue:
DBSec'12 Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy
Year:
2012

Citing 15
Cited 0

Password authentication with insecure communication

Communications of the ACM
Security Enhancement for a Dynamic ID-Based Remote User Authentication Scheme

NWESP '05 Proceedings of the International Conference on Next Generation Web Services Practices
Cryptanalysis and improvement on two efficient remote user authentication scheme using smart cards

Computer Standards & Interfaces
Cryptanalysis of Wang et al.'s Remote User Authentication Scheme Using Smart Cards

ITNG '08 Proceedings of the Fifth International Conference on Information Technology: New Generations
A more efficient and secure dynamic ID-based remote user authentication scheme

Computer Communications
Advanced smart card based password authentication protocol

Computer Standards & Interfaces
Novel Access Control Scheme with User Authentication Using Smart Cards

CSO '10 Proceedings of the 2010 Third International Joint Conference on Computational Science and Optimization - Volume 02
A Security Enhanced Remote Password Authentication Scheme Using Smart Card

ISDPE '10 Proceedings of the 2010 Second International Symposium on Data, Privacy, and E-Commerce
A new remote user authentication scheme using smart cards

IEEE Transactions on Consumer Electronics
An efficient remote use authentication scheme using smart cards

IEEE Transactions on Consumer Electronics
Cryptanalysis of a remote user authentication scheme using smart cards

IEEE Transactions on Consumer Electronics
Security of two remote user authentication schemes using smart cards

IEEE Transactions on Consumer Electronics
Weaknesses and improvements of an efficient password based remote user authentication scheme using smart cards

IEEE Transactions on Consumer Electronics
Further improvement of an efficient password based remote user authentication scheme using smart cards

IEEE Transactions on Consumer Electronics
A dynamic ID-based remote user authentication scheme

IEEE Transactions on Consumer Electronics

Quantified Score

Hi-index	0.00

Visualization

Abstract

With the exponential growth of Internet users, various business transactions take place over an insecure channel. To secure these transactions, authentication is the primary step that needs to be passed. To overcome the problems associated with traditional password based authentication methods, smart card authentication schemes have been widely used. However, most of these schemes are vulnerable to one or the other possible attack. Recently, Yang, Jiang and Yang proposed RSA based smart card authentication scheme. They claimed that their scheme provides security against replay attack, password guessing attack, insider attack and impersonation attack. This paper demonstrates that Yang et al.'s scheme is vulnerable to impersonation attack and fails to provide essential features to satisfy the needs of a user. Further, comparative study of existing schemes is also presented on the basis of various security features provided and vulnerabilities present in these schemes.