Weaknesses of a Remote User Password Authentication Scheme Using Smart Card
نویسندگان
چکیده
Remote authentication is a method to authenticate remote users over insecure communication channel. Password-based authentication schemes have been widely deployed to verify the legitimacy of remote users. Very recently, Hsiang et al. pointed out that Yoon et al’s scheme is vulnerable to parallel session attack, masquerading attack and password guess attack. They proposed an improved scheme to remedy these pitfalls. They claimed their scheme can against parallel session attack, masquerading attack and password guess attack. However, we find that Hsiang et al.’s scheme is vulnerable password guess attack, masquerading user attack and masquerading server attack.
منابع مشابه
An Improved Remote User Password Authentication Scheme Using Smart Card with Session Key Agreement
Remote user authentication is a mechanism, in which the remote server verifies the legitimacy of a user over an insecure communication. Password authentication based on smart cards is one of the simplest and most efficient authentication methods and is a commonly deployed to authenticate the legitimacy of remote users. Based on cryptographic techniques, several password authentication schemes h...
متن کاملSecurity Weaknesses and Improvements of a Fingerprint-based Remote User Authentication Scheme Using Smart Cards
Abstract Recently, many biometrics-based user authentication schemes using smart cards have been proposed to improve the security weaknesses in user authentication system. In 2006, Khan et al.[12] proposed an improved fingerprint-based remote user authentication scheme using smart cards that is achieved mutual authentication between the user and the server, while eliminating the drawback of Lee...
متن کاملAn Enhanced Remote User Authentication Scheme with Smart Card
In 2000, Hwang and Li’s proposed a new remote user authentication scheme with smart cards. Some researchers pointed out the security weaknesses of Hwang and Li’s scheme and they also proposed some modified schemes to avoid these weaknesses. In 2004, Kumar proposed a new remote user authentication scheme and try to solve the security problems of Hwang and Li’s scheme. This paper analyzes that Ku...
متن کاملA smart card based remote user authentication scheme
Password based authentication schemes are commonly used to authenticate remote users. Many schemes have been proposed both with and without smart cards but each have its own merits and demerits. This paper analyzes the security of an enhanced Dynamic ID based remote user authentication scheme and shows that the enhanced scheme has major security weaknesses. The paper also presents a new scheme ...
متن کاملA New Remote User Authentication Scheme Using Smart Cards with Forward Secrecy
Hwang and Li proposed the first remote user authentication scheme using smart cards to solve the problems of Lamport scheme. Unfortunately, Hwang and Li’s scheme has some security weaknesses. First, ChanChang, ShenLinHwang and then Chang-Hwang pointed out some attacks on Hwang – Li’s scheme. This paper presents a new remote user authentication scheme with forward secrecy, which provides forward...
متن کاملA Secure Remote Authentication Scheme Preserving User Anonymity with Non-Tamper Resistant Smart Cards
Anonymity is one of the important properties of remote authentication schemes to preserve user privacy. Besides, it can avoid unauthorized entities from using the user ID and other intercepted information to forge legal login messages. In 2004, Das et al. first proposed a remote user authentication scheme with smart cards using dynamic ID to protect user anonymity. Later, in 2005, Chien and Che...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- I. J. Network Security
دوره 13 شماره
صفحات -
تاریخ انتشار 2011