Two - factor Authentication Schemes Based Smart Card and Password with User Anonymity ⋆
نویسندگان
چکیده
Two-factor anonymous authentication using password and smart card could preserve user privacy and reduce the risk than the use of a single authentication factor. Recently, Chang et al. pointed some security weaknesses in Wang et al.’s anonymous authentication scheme and proposed enhanced scheme. They claimed that their scheme provides desired security properties. However, we show that Chang et al.’s scheme is still vulnerable to the off-line dictionary attack and denial of service attacks. To resist these attacks, we propose an improved two-factor authentication and key agreement scheme with user anonymity.
منابع مشابه
Efficient and Anonymous Two-Factor User Authentication in Wireless Sensor Networks: Achieving User Anonymity with Lightweight Sensor Computation
A smart-card-based user authentication scheme for wireless sensor networks (hereafter referred to as a SCA-WSN scheme) is designed to ensure that only users who possess both a smart card and the corresponding password are allowed to gain access to sensor data and their transmissions. Despite many research efforts in recent years, it remains a challenging task to design an efficient SCA-WSN sche...
متن کاملCryptanalysis of Two Dynamic ID-Based Remote User Authentication Schemes for Preserving User Privacy
Remote user authentication is an essential part in electronic commerce to identify legitimate users over the Internet. However, how to protect user privacy in the authentication has become an important issue recently. Therefore, many secure authentication schemes with smart cards have been proposed. In this paper, we will analyze the security weaknesses of two recently proposed authentication s...
متن کاملSecure Password-based Remote User Authentication Scheme Against Smart Card Security Breach
It is a challenge for password authentication protocols using non-tamper resistant smart cards to achieve user anonymity, forward secrecy, immunity to various attacks and high performance at the same time. In 2011, Li and Lee showed that both Hsiang-Shih’s password-based remote user authentication schemes are vulnerable to various attacks if the smart card is non-tamper resistant. Consequently,...
متن کاملA Secure Remote Authentication Scheme Preserving User Anonymity with Non-Tamper Resistant Smart Cards
Anonymity is one of the important properties of remote authentication schemes to preserve user privacy. Besides, it can avoid unauthorized entities from using the user ID and other intercepted information to forge legal login messages. In 2004, Das et al. first proposed a remote user authentication scheme with smart cards using dynamic ID to protect user anonymity. Later, in 2005, Chien and Che...
متن کاملCryptanalysis and Improvement of Jiang et al.'s Smart Card Based Remote User Authentication Scheme
Smart card based remote user password authentication schemes are one of the user-friendly and scalable mechanism to establish secure communication between remote entities. These schemes try to ensure secure and authorized communication between remote entities over the insecure public network. Although, most of the existing schemes do not satisfy desirable attributes, such that resistance agains...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2013