Impersonation Attack on a Dynamic ID-Based Remote User Authentication Scheme Using Smart Cards
نویسندگان
چکیده
Recently, Das et al. proposed a dynamic ID-based verifierfree password authentication scheme using smart cards. To resist the IDtheft attack, the user’s login ID is dynamically generated and one-time used. Herein, we demonstrate that Das et al.’s scheme is vulnerable to an impersonation attack, in which the adversary can easily impersonate any user to login the server at any time. Furthermore, we also show several minor weaknesses of Das et al.’s scheme. key words: dynamic ID, impersonation attack, password authentication, reparability, smart card
منابع مشابه
A Secured and Improved Dynamic ID based Remote User Authentication Scheme using Smart Card and Hash Function for Distributed Systems
Abstract—Authentication is a major concern for accessing remote service residing over on server in an distributed systems. It is difficult to remember different identities and passwords for users. In order to solve the flaws encountered in many remote user authentication schemes in multi-server environment, only authentic user login to the remote server has been used. These remote schemes resis...
متن کاملSecurity Weaknesses of Dynamic ID-based Remote User Authentication Protocol
Recently, with the appearance of smart cards, many user authentication protocols using smart card have been proposed to mitigate the vulnerabilities in user authentication process. In 2004, Das et al. proposed a ID-based user authentication protocol that is secure against ID-theft and replay attack using smart card. In 2009, Wang et al. showed that Das et al.’s protocol is not secure to randoml...
متن کاملCryptanalysis of Two Dynamic ID-Based Remote User Authentication Schemes for Preserving User Privacy
Remote user authentication is an essential part in electronic commerce to identify legitimate users over the Internet. However, how to protect user privacy in the authentication has become an important issue recently. Therefore, many secure authentication schemes with smart cards have been proposed. In this paper, we will analyze the security weaknesses of two recently proposed authentication s...
متن کاملSecurity Analysis of a Dynamic ID-based Authentication Scheme for Multi-server Environment Using Smart Cards
To guarantee secure communications in multi-server environment, Lee et al. proposed a dynamic ID-based remote user authentication scheme using smart card. They also demonstrated that their scheme could withstand various attacks. This paper reviews Lee et al.’s scheme and provides a security analysis on it. Our analysis shows that Lee et al. is vulnerable to the impersonation attack, the server ...
متن کاملCryptanalysis and An Efficient Secure ID-Based Remote User Authentication Scheme Using Smart Card pdfkeywords=Attack, Authentication, Password, Secure ID, Smart Card
Remote User authentication protocol is used for verifying the legitimacy of a remote user over insecure network environments. Recently, many secure ID based remote user authentication scheme using smart card have been proposed in the literature. In 2012, Ratan-Sanjay [1] proposed secure ID based remote user authentication scheme using smart card and claimed that their scheme can avoid all types...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- IEICE Transactions
دوره 88-B شماره
صفحات -
تاریخ انتشار 2005