Two Robust Remote User Authentication Protocols Using Smart Cards
With the rapid growth of electronic commerce and enormous demand from variants of Internet based applications, strong privacy protection and robust system security have become essential requirements for an authentication scheme or universal access control mechanism. In order to reduce implementation...
Saved in:
Main Authors: | , , , , |
---|---|
Format: | text |
Language: | English |
Published: |
Institutional Knowledge at Singapore Management University
2010
|
Subjects: | |
Online Access: | https://ink.library.smu.edu.sg/sis_research/1323 http://dx.doi.org/10.1016/j.jss.2010.07.062 |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Institution: | Singapore Management University |
Language: | English |
id |
sg-smu-ink.sis_research-2322 |
---|---|
record_format |
dspace |
spelling |
sg-smu-ink.sis_research-23222011-02-22T01:30:19Z Two Robust Remote User Authentication Protocols Using Smart Cards YEH, Kuo-Hui Su, Chunhua LO, Nai-Wei LI, Yingjiu Hung, Yi-Xiang With the rapid growth of electronic commerce and enormous demand from variants of Internet based applications, strong privacy protection and robust system security have become essential requirements for an authentication scheme or universal access control mechanism. In order to reduce implementation complexity and achieve computation efficiency, design issues for efficient and secure password based remote user authentication scheme have been extensively investigated by research community in these two decades. Recently, two well-designed password based authentication schemes using smart cards are introduced by Hsiang and Shih (2009) and Wang et al. (2009), respectively. Hsiang et al. proposed a static ID based authentication protocol and Wang et al. presented a dynamic ID based authentication scheme. The authors of both schemes claimed that their protocol delivers important security features and system functionalities, such as mutual authentication, data security, no verification table implementation, freedom on password selection, resistance against ID-theft attack, replay attack and insider attack, as well as computation efficiency. However, these two schemes still have much space for security enhancement. In this paper, we first demonstrate a series of vulnerabilities on these two schemes. Then, two enhanced protocols with corresponding remedies are proposed to eliminate all identified security flaws in both schemes. 2010-01-01T08:00:00Z text https://ink.library.smu.edu.sg/sis_research/1323 info:doi/10.1016/j.jss.2010.07.062 http://dx.doi.org/10.1016/j.jss.2010.07.062 Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Authentication Cryptanalysis Security Smart card Information Security |
institution |
Singapore Management University |
building |
SMU Libraries |
continent |
Asia |
country |
Singapore Singapore |
content_provider |
SMU Libraries |
collection |
InK@SMU |
language |
English |
topic |
Authentication Cryptanalysis Security Smart card Information Security |
spellingShingle |
Authentication Cryptanalysis Security Smart card Information Security YEH, Kuo-Hui Su, Chunhua LO, Nai-Wei LI, Yingjiu Hung, Yi-Xiang Two Robust Remote User Authentication Protocols Using Smart Cards |
description |
With the rapid growth of electronic commerce and enormous demand from variants of Internet based applications, strong privacy protection and robust system security have become essential requirements for an authentication scheme or universal access control mechanism. In order to reduce implementation complexity and achieve computation efficiency, design issues for efficient and secure password based remote user authentication scheme have been extensively investigated by research community in these two decades. Recently, two well-designed password based authentication schemes using smart cards are introduced by Hsiang and Shih (2009) and Wang et al. (2009), respectively. Hsiang et al. proposed a static ID based authentication protocol and Wang et al. presented a dynamic ID based authentication scheme. The authors of both schemes claimed that their protocol delivers important security features and system functionalities, such as mutual authentication, data security, no verification table implementation, freedom on password selection, resistance against ID-theft attack, replay attack and insider attack, as well as computation efficiency. However, these two schemes still have much space for security enhancement. In this paper, we first demonstrate a series of vulnerabilities on these two schemes. Then, two enhanced protocols with corresponding remedies are proposed to eliminate all identified security flaws in both schemes. |
format |
text |
author |
YEH, Kuo-Hui Su, Chunhua LO, Nai-Wei LI, Yingjiu Hung, Yi-Xiang |
author_facet |
YEH, Kuo-Hui Su, Chunhua LO, Nai-Wei LI, Yingjiu Hung, Yi-Xiang |
author_sort |
YEH, Kuo-Hui |
title |
Two Robust Remote User Authentication Protocols Using Smart Cards |
title_short |
Two Robust Remote User Authentication Protocols Using Smart Cards |
title_full |
Two Robust Remote User Authentication Protocols Using Smart Cards |
title_fullStr |
Two Robust Remote User Authentication Protocols Using Smart Cards |
title_full_unstemmed |
Two Robust Remote User Authentication Protocols Using Smart Cards |
title_sort |
two robust remote user authentication protocols using smart cards |
publisher |
Institutional Knowledge at Singapore Management University |
publishDate |
2010 |
url |
https://ink.library.smu.edu.sg/sis_research/1323 http://dx.doi.org/10.1016/j.jss.2010.07.062 |
_version_ |
1770570966166929408 |