Security Analysis of a Secure Dynamic ID based Remote User Authentication Scheme for Multi-server Environment

2013 ◽  
Vol 13 (1) ◽  
pp. 273-278 ◽  
Author(s):  
Hyung-Kyu Yang
Keyword(s):  
User Authentication ◽  
Security Analysis ◽  
Authentication Scheme ◽  
Remote User Authentication ◽  
Dynamic Id ◽  
User Authentication Scheme ◽  
Multi Server ◽  
Remote User

Improvement of a Dynamic ID-Based Remote User Authentication Scheme for Multi-Server Environment Using Smart Card

2013 ◽  
Vol 380-384 ◽  
pp. 286-289
Author(s):  
Zhen Zhen Wang ◽  
Jin Kou Ding ◽  
Zheng Ping Jin ◽  
Hua Zhang
Keyword(s):  
Smart Card ◽  
User Authentication ◽  
Security Analysis ◽  
Authentication Scheme ◽  
Remote User Authentication ◽  
Dynamic Id ◽  
User Authentication Scheme ◽  
And Performance ◽  
Multi Server ◽  
Remote User

In 2011, Lee et al. analyzed the security weaknesses of Hsiang et al.s scheme and proposed a security dynamic ID-based multi-server remote user authentication scheme. They claimed that their protocol is secure and efficient. However, we observe that Lee et al.'s scheme is still vulnerable to stolen smart card attack, malicious server attack. To remedy these security weaknesses, we propose an improved dynamic ID-based remote user authentication scheme for multi-server environment. Besides, security analysis and performance analysis show that compared with other remote user authentication schemes, the proposed scheme is more secure and possesses lower computation cost. As a result, the proposed scheme seems to be more practical for users with portable mobile devices in multi-server environment.

scholarly journals Security analysis and enhancements of an improved multi-factor biometric authentication scheme

2017 ◽  
Vol 13 (8) ◽  
pp. 155014771772430 ◽  
Author(s):  
YoHan Park ◽  
KiSung Park ◽  
KyungKeun Lee ◽  
Hwangjun Song ◽  
YoungHo Park
Keyword(s):  
User Authentication ◽  
Security Analysis ◽  
User Anonymity ◽  
Authentication Scheme ◽  
Biometric Authentication ◽  
Remote User Authentication ◽  
Dynamic Id ◽  
User Authentication Scheme ◽  
Guessing Attack ◽  
Remote User

Many remote user authentication schemes have been designed and developed to establish secure and authorized communication between a user and server over an insecure channel. By employing a secure remote user authentication scheme, a user and server can authenticate each other and utilize advanced services. In 2015, Cao and Ge demonstrated that An’s scheme is also vulnerable to several attacks and does not provide user anonymity. They also proposed an improved multi-factor biometric authentication scheme. However, we review and cryptanalyze Cao and Ge’s scheme and demonstrate that their scheme fails in correctness and providing user anonymity and is vulnerable to ID guessing attack and server masquerading attack. To overcome these drawbacks, we propose a security-improved authentication scheme that provides a dynamic ID mechanism and better security functionalities. Then, we show that our proposed scheme is secure against various attacks and prove the security of the proposed scheme using BAN Logic.

Sign in / Sign up

Export Citation Format

Share Document