Robust Smart-Card-Based Remote User Password Authentication Scheme

ASIAIR > College of Management > Department of International Business > Journal Artical > Item 310904400/79672

Please use this identifier to cite or link to this item: http://asiair.asia.edu.tw/ir/handle/310904400/79672

Title:	Robust Smart-Card-Based Remote User Password Authentication Scheme
Authors:	陳柏淩;CHEN, BAE-LING;Kuo, Wen-Chu;Kuo, Wen-Chung;Wuu, Lih-Chy;Wuu, Lih-Chyau
Contributors:	資訊多媒體應用學系
Keywords:	smart card;session key agreement;mutual authentication;internal attack;stolen-smart-card attack
Date:	2014
Issue Date:	2014-06-05 03:50:59 (UTC+0)
Abstract:	Smart-card-based remote user password authentication schemes are commonly used for providing authorized users a secure method for remotely accessing resources over insecure networks. In 2009, Xu et al. proposed a smart-card-based password authentication scheme. They claimed their scheme can withstand attacks when the information stored on the smart card is disclosed. Recently, Sood et al. and Song discovered that the smart-card-based password authentication scheme of Xu et al. is vulnerable to impersonation and internal attacks. They then proposed their respective improved schemes. However, we found that there are still flaws in their schemes: the scheme of Sood et al. does not achieve mutual authentication and the secret key in the login phase of Song's scheme is permanent and thus vulnerable to stolen-smart-card and off-line guessing attacks. In this paper, we will propose an improved and efficient smart-card-based password authentication and key agreement scheme. According to our analysis, the proposed scheme not only maintains the original secret requirement but also achieves mutual authentication and withstands the stolen-smart-card attack.
Relation:	INTERNATIONAL JOURNAL OF COMMUNICATION SYSTEMS,27(2),377–389.
Appears in Collections:	[Department of International Business] Journal Artical

Files in This Item:

File	Size	Format
index.html	0Kb	HTML	360	View/Open

Loading...