Security Analysis of a Nonce-Based User Authentication Scheme Using Smart Cards

*This work was supported by the Korean Ministry of Information and Communication under the Information Technology Research Center (ITRC) support program supervised by the Institute of Information Technology Assessment (IITA).

  • Authors:
  • Junghyun Nam; Seungjoo Kim; Sangjoon Park; Dongho Won

  • Affiliations:
  • The authors are with the Information Security Group, Sungkyunkwan University, 300 Cheoncheon-dong, Jangan-gu, Suwon, Gyeonggi-do 440-746, Korea. E-mail: jhnam@security.re.kr, E-mail: skim@security ...

  • Venue:
  • IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
  • Year:
  • 2007

Abstract

A remote user authentication scheme is a two-party protocol whereby an authentication server in a distributed system confirms the identity of a remote individual logging on to the server over an untrusted, open network. Recently, Lee et al. have proposed an efficient nonce-based scheme for remote user authentication using smart cards. This work reviews Lee et al.'s authentication scheme and provides a security analysis of the scheme. Our analysis shows that Lee et al.'s scheme does not achieve its basic aim of authenticating remote users and furthermore has a very hazardous method for changing passwords. In addition, we recommend some changes to the scheme so that it can attain at least its main security goal.