Improvement of the dynamic ID-based remote user authentication scheme

Abstract

Recently, Das, Saxena and Gulati proposed a dynamic ID-based remote user authentication scheme and claimed that their scheme is secure. In this paper, we show that Das, Saxena and Gulati's scheme is vulnerable to insider, masquerade, and server spoofing attacks. Moreover, it fails to provide mutual authentication. In order to remedy these drawbacks, this paper proposes a secure dynamic ID-based remote user authentication scheme using smart cards. The performance evaluation and security analysis show that our proposal is feasible in terms of computational cost, storage capacity, and the scheme can resist several attacks.