A random increasing sequence hash chain and smart card-based remote user authentication scheme

Abstract

In 2012, Hsieh and Leu proposed a remote user authentication scheme. They use cryptographic hash functions to design their scheme. By designing a method to analyse one-way hash functions, we propose two attacks on their scheme. One is masquerade attack and another is guessing attack. In addition, we point out that their scheme provides no user anonymity and propose a remote user authentication scheme. Our scheme can provide user anonymity. Based on the one-wayness of hash functions and random increasing sequence-based hash chain, our proposed scheme can resist outsider masquerade attack and insider guessing attack.