An Enhanced Secure Remote User Authentication Scheme without Verification Table
|
10.5120/20011-1970 |
Sumitra Binu, Pethuru Raj and M Misbahuddin. Article: An Enhanced Secure Remote User Authentication Scheme without Verification Table. International Journal of Computer Applications 114(10):1-5, March 2015. Full text available. BibTeX
@article{key:article,
author = {Sumitra Binu and Pethuru Raj and M. Misbahuddin},
title = {Article: An Enhanced Secure Remote User Authentication Scheme without Verification Table},
journal = {International Journal of Computer Applications},
year = {2015},
volume = {114},
number = {10},
pages = {1-5},
month = {March},
note = {Full text available}
}
Abstract
With the significant advances in communication networks over the last few decades, smart cards have been widely used in many e-commerce applications and network security protocols due to their low cost, portability, efficiency and cryptographic properties. In this paper, we analyze Sood et al. 's smart card based authentication scheme and demonstrate that the scheme is vulnerable to masquerade user attack, offline password guessing attack, time concurrency weaknesses and fails to achieve mutual authentication. A secure dynamic identity based remote user authentication scheme without verification tables, is proposed in this paper and the scheme resolves the aforementioned problems of Sood et al. 's scheme. The computation cost of the proposed scheme is comparable to Sood et al. 's scheme and it is highly secure taking into consideration the complexity of calculating discrete logarithms and the resistance to various attacks.
References
- W. C. Ku, S. M. Chen, "Weakness and Improvement of an Efficient Password Based Remote User Authentication Scheme Using Smart Cards," IEEE Transactions on Consumer Electronics 50(1), 204-207 (2004)
- Y. C. Chen, L. Y. Yeh, " An Efficient Nonce-Based Authentication Scheme with Key Agreement," Applied Mathematics and Computation 169(2), 982-994 (2005)
- W. G. Shieh, J. M. Wang, "Efficient Remote Mutual Authentication and Key Agreement," Computers and Security 25(1), 72-77 (2006)
- H. C Hsiang, W. K. Shih,"Weakness and Improvement of Yoon-Ryu-Yoo Remote User Authentication Scheme Using Smart Cards," Computer Communications 32(4), 649-652 (2009)
- M. Kumar, "A New Secure Remote User Authentication Scheme with Smart Cards", International Journal of Network Security 11, 88-93 (2010)
- S. K. Sood, A. K Sarje, K. Singh, "A Secure Dynamic Identity-Based Remote User Authentication Scheme," In:T. Janowski, H. Mohanty. (eds) ICDCIT 2010. LNCS, vol. 5966, pp. 224-235, Springer, Heidelberg (2010)]
- M. Misbahuddin, A. A. Mohammed, M. H. Shastri, "A Simple and Efficient Solution to Remote User Authentication using Smart Cards," In Proceeding of International Conference on Innovations in Information Technology (IIT '06), Dubai,Nov. 2006, pp. 1-5.
- L. Lamport, "Password Authentication with Insecure Communication," Communications of the ACM, vol. 24. no. 11, pp. 770-772, November 1981
- M. L. Das, A. Saxena and V. P. Gulati," A Dynamic ID-Based Remote User Authentication Scheme, " IEEE Transactions on Consumer Electronics, vol. 50, no. 2, pp. 629-631, May 2004
- T. Goriparthi, M. L. Das, A. Saxena, "An Improved Bilinear Pairing Based Remote User Authentication Scheme," Computer Standards and Interfaces 2009, 31 : (181-185)
- Y. P. Liao, S. S. Wang, "A Secure Dynamic ID Based Remote User Authentication Scheme for Multi Server Environment," Computer Standards and Interfaces 2009, 31(1): 24-29
- Y. Y. Wang, J. Y. Liu, F. X. Xiao, J. Dan, "A More Efficient and Secure Dynamic ID Based Remote User Authentication Scheme," Computer Communications, 2009, 32(2): 583-585
- H. Y Chien and C. H. Chen, "A Remote Authentication Scheme Preserving User Anonymity," In Proceedings of Advanced Information Networking and Applications, vol. 2, pp. 245-248, March 2005
- I. E. Liao, C. C. Lee and M. S. Hwang, "Security Enhancement for a Dynamic ID-Based Remote User Authentication Scheme," In Proceeding of Conference on Next Generation on Web Services Practice, pp. 437-440, July 2005
- E. J. Yoon and K. Y. Yoo, " Improving the Dynamic ID-Based Remote Mutual Authentication Scheme," In Proceedings of OTM Workshops 2006, LNCS 4277, pp. 499-507, July 2006
- Y. P Liou, J. Lin and S. S. Wang, " A New Dynamic ID-Based Remote User Authentication Scheme Using Smart Cards," In Proceedings of 16th Information Security Conference, Taiwan, pp. 198-205, July 2006
- H. C. Shih, "Cryptanalysis on Two Password Authentication Schemes," Laboratory of Cryptography and Information Security, National Central University, Taiwan, July 2008
- H. C. Hsiang and W. K. Shih, "Improvement of the Secure Dynamic ID Based Remote User Authentication Scheme for Multi-Server Environment", Computer Standards & Interfaces, vol. 31, (2009), pp. 1118-1123
- S. K. Sood. A. K. Sarje and K. Singh, "An Improvement of Liou et al. 's Authentication Scheme Using Smart Cards," International Journal of Computer Applications, vol. 1, no. 8, (2010), pp. 16-23
- W. C. Ku and S. T. Chang, "Impersonation Attack on Dynamic ID-Based Remote User Authentication Scheme using Smart Cards," IEICE Transactions on Communications, vol. E88-B, No. 5, pp. 2165-2167, May 2005
- C. S. Kwang and G. C. Jung, "An Improvement of Sood et al. 's Authentication Scheme using Smart Card", International Journal of Security and Its Applications, vol. 7, No. 3, May, 2013