A Secure Password-Authenticated Key Agreement Using Smart Cards
نویسندگان
چکیده
Smart card based password for authentication has become a common trend. Although smart card brings conveniences, it also increases the risk in the case of lost cards. In other words, when the smart card is possessed by an attacker, the attacker will possibly attempt to analyze the secret information within the smart card to deduce the authentication mechanism of the server and then forge user credentials or break the entire authentication system. In this paper, we analyze the lost smart card attack from Juang, et al.’s scheme [9] that proposes password authenticated key agreement and propose an improved robust and efficient user authentication and key agreement scheme using smart cards. In order to bolster the security of the entire system, we mitigated some of its weaknesses.
منابع مشابه
Privacy Preserving Three-party Authenticated Key Agreement Protocol using Smart Cards
How to make people keep both security and privacy in communication networks has been a hot topic in recent years. Researchers proposed three party authenticated key agreement (3PAKA) protocols to answer this question, which allows two parties to agree a new secure session key with the help of a trusted server. Recently, Yang et al. proposed a provably secure 3PAKA protocol. However, this paper ...
متن کاملPassword Authenticated Key Agreement for Contactless Smart Cards
This paper describes and compares the usage of passwordbased authenticated key agreement protocols to establish a secure communication channel between terminal and contactless card. In particular, protocols of this kind are discussed for use in contactless ID cards. The aim of this paper is to discuss, for the first time, two cryptographic password-based protocols with respect to security, impl...
متن کاملA Password-Authenticated Key Agreement Scheme Based on ECC Using Smart Cards
Public Key Cryptography (PKC) is recently playing an essential role in electronic banking and financial transactions. Elliptic Curve Cryptography (ECC) is one of the best public key techniques for its small key size and high security and is suitable for secure access of smart cards because implementation on smart cards is challenging due to memory, bandwidth, and computation constraints. In thi...
متن کاملMutual Authentication Scheme with Smart Cards and Password under Trusted Computing
Only identities of the server and the user are authenticated in traditional smart cards based password authentication schemes, but the platform does not be verified, and which cannot provide enough protection on personal information of the user. A mutual authentication scheme based on smart cards and password is proposed under trusted computing, in which hash functions are used to authenticate ...
متن کاملA New Cross-Realm Client-to-Client Password-Authentication Key Exchange Protocol
A cross-realm client-to-client password-authenticated key exchange (CR-C2C-PAKE) protocol provides a method of key exchange based on password-authenticated between clients registered in different servers. Our proposed CR-C2C-PAKE protocol can be implemented in secret-key setting. It can resist all types of known attacks including the password-compromise impersonation attack. We use common stora...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2013