An Efficient Biometric and Password-Based Remote User Authentication using Smart Card for Telecare Medical Information Systems in Multi-Server Environment

2014 ◽  
Vol 38 (12) ◽  
Author(s):  
Tanmoy Maitra ◽  
Debasis Giri
Keyword(s):  
Information Systems ◽  
Smart Card ◽  
Medical Information ◽  
User Authentication ◽  
Medical Information Systems ◽  
Telecare Medical Information Systems ◽  
Remote User Authentication ◽  
Multi Server ◽  
Remote User

Analysis of the Dynamic ID-Based Remote User Authentication Schemes Using Smart Card for Multi-Server Environments

2014 ◽  
Vol 543-547 ◽  
pp. 3343-3347
Author(s):  
Xue Lei Li ◽  
Qiao Yan Wen ◽  
Wen Min Li ◽  
Hua Zhang ◽  
Zheng Ping Jin
Keyword(s):  
Smart Card ◽  
User Authentication ◽  
Password Guessing Attack ◽  
Remote User Authentication ◽  
Diffie Hellman ◽  
Dynamic Id ◽  
Authentication Schemes ◽  
Guessing Attack ◽  
Multi Server ◽  
Remote User

In this paper, we analyze and point out several weaknesses in the dynamic ID-based remote user authentication schemes using smart card for multi-server environments, and present the countermeasures to enhance the security of the schemes. Taking Li et al.'s scheme for instance, we demonstrate that their scheme does not provide forward secrecy and key privacy for the session keys, and cannot resist offline password guessing attack. Furthermore, the reasons of these security weaknesses are analyzed through extending the attacks to its predecessors. Finally, the improved ideas of local verification and authenticated Diffie-Hellman key agreement are presented to overcome the weaknesses mentioned above.

Sign in / Sign up

Export Citation Format

Share Document