scholarly journals More secure smart card-based remote user password authentication scheme with user anonymity

2013 ◽  
Vol 7 (11) ◽  
pp. 2039-2053 ◽  
Author(s):  
Saru Kumari ◽  
Muhammad Khurram Khan
Keyword(s):  
Smart Card ◽  
User Anonymity ◽  
Authentication Scheme ◽  
Password Authentication ◽  
Remote User

Cryptanalysis of a Remote User Authentication Scheme

2013 ◽  
Vol 433-435 ◽  
pp. 1699-1701
Author(s):  
Bang Ju Wang ◽  
Huan Guo Zhang
Keyword(s):  
Smart Card ◽  
User Authentication ◽  
Authentication Scheme ◽  
Password Authentication ◽  
Remote User Authentication ◽  
User Authentication Scheme ◽  
Remote User

Among many user authentications over insecure networks, password authentication is simple, convenient and widely adopted one. Chen and Lee proposed a new hash-based password authentication using smart card and claimed that their scheme could resist seven attacks as listed in their paper. However, in this paper, it is pointed out that Chen-Lee’s scheme is vulnerable to off-line password guessing, replay and impersonation attacks when the smart card is lost or stolen.

An enhanced smart card based remote user password authentication scheme

2013 ◽  
Vol 36 (5) ◽  
pp. 1365-1371 ◽  
Author(s):  
Xiong Li ◽  
Jianwei Niu ◽  
Muhammad Khurram Khan ◽  
Junguo Liao
Keyword(s):  
Smart Card ◽  
Authentication Scheme ◽  
Password Authentication ◽  
Remote User

scholarly journals A Remote User Authentication Scheme with Anonymity for Mobile Devices

10.5772/50912 ◽  
2012 ◽  
Vol 9 (1) ◽  
pp. 13 ◽  
Author(s):  
Soobok Shin ◽  
Kangseok Kim ◽  
Ki-Hyung Kim ◽  
Hongjin Yeh
Keyword(s):  
Mobile Devices ◽  
Smart Card ◽  
User Authentication ◽  
Mutual Authentication ◽  
User Anonymity ◽  
Authentication Scheme ◽  
Efficient System ◽  
Remote Server ◽  
Remote User Authentication ◽  
Remote User

With the rapid growth of information technologies, mobile devices have been utilized in a variety of services such as e-commerce. When a remote server provides such e-commerce services to a user, it must verify the legitimacy of the user over an insecure communication channel. Therefore, remote user authentication has been widely deployed to verify the legitimacy of remote user login requests using mobile devices like smart cards. In this paper we propose a smart card-based authentication scheme that provides both user anonymity and mutual authentication between a remote server and a user. The proposed authentication scheme is a simple and efficient system applicable to the limited resource and low computing performance of the smart card. The proposed scheme provides not only resilience to potential attacks in the smart card-based authentication scheme, but also secure authentication functions. A smart card performs a simple one-way hash function, the operations of exclusive-or and concatenation in the authentication phase of the proposed scheme. The proposed scheme also provides user anonymity using a dynamic identity and key agreement, and secure password change.

Robust smart-card-based remote user password authentication scheme

2012 ◽  
Vol 27 (2) ◽  
pp. 377-389 ◽  
Author(s):  
Bae-Ling Chen ◽  
Wen-Chung Kuo ◽  
Lih-Chyau Wuu
Keyword(s):  
Smart Card ◽  
Authentication Scheme ◽  
Password Authentication ◽  
Remote User

A Robust and Efficient Password Authentication Scheme Using Smart Cards

2014 ◽  
Vol 571-572 ◽  
pp. 1172-1175
Author(s):  
Wei Jing Li ◽  
Ping Zhu ◽  
Hua Zhang ◽  
Zheng Ping Jin
Keyword(s):  
Elliptic Curve Cryptography ◽  
Secure Communication ◽  
User Anonymity ◽  
Smart Cards ◽  
Authentication Scheme ◽  
Forward Secrecy ◽  
Session Key ◽  
Password Authentication ◽  
Computation Cost ◽  
Remote User

Password authentication scheme using smart cards is an important part of securely accessing the server program. In 2012, Chen et al. proposed a robust smart-card-based remote user password authentication scheme. Recently, Li et al. discovered the scheme of Chen et al. cannot really ensure forward secrecy, and it cannot achieve the goal of efficiency for wrong password login. Then, they proposed an enhanced remote user password authentication scheme based on smart cards. In this paper, we propose a novel authentication scheme by using elliptic curve cryptography. The new scheme can achieve both the user anonymity and the goal of efficiency of incorrect password detection, and can also establish a session key for the subsequent secure communication. Moreover, we show by a detailed analysis that it requires lower computation cost while improving the security of the scheme.

Sign in / Sign up

Export Citation Format

Share Document