Security enhancement for a dynamic ID-based remote user authentication scheme

Abstract

In a paper recently published in the IEEE transaction on consumer electronics, Das, Saxena, and Gulati proposed a dynamic ID-based remote user authentication scheme using smart cards that allows the users to choose and change their passwords freely, and does not maintain any verifier table. It can protect against ID-theft, replaying, forgery, guessing, insider, and stolen verifier attacks. However, this paper shows that Das, Saxena, and Gulati's scheme has some attacks. Therefore, we propose a slight modification to their scheme to improve their weaknesses. As a result, the improved scheme can enhance the security of Das, Saxena, and Gulati's scheme. In addition, the proposed scheme does not add many computational costs additionally. Compare with their scheme, our scheme is also efficient.