M. Hwang, E. F. Cahyadi, Yuen-Cheng Chou, Cheng-Ying Yang
{"title":"Kumar智能卡远程用户认证方案的密码分析","authors":"M. Hwang, E. F. Cahyadi, Yuen-Cheng Chou, Cheng-Ying Yang","doi":"10.1109/CIS2018.2018.00099","DOIUrl":null,"url":null,"abstract":"One of the common necessity to have secret communication through Internet is to authenticate the legality of users. The simplest and most popular authentication technique to have secret communication through Internet is remote user authentication scheme. Recently, Kumar proposed an enhanced amart card-based remote user authentication scheme. Their scheme was robust and easy to implement. They claimed that their scheme could against explicit key authentication, replay attack, stolen-verifier attacks, forward secrecy, denial of service attacks, impersonation attacks, mutual authentication, parallel session attack, password guessing attacks, smart card loss attacks, attack via registered identity, and attack via password. In this article, we will show that Kumar's scheme is vulnerable to the off-line guessing password attack. In this article, we also propose an improved Kumar's enhanced smart card-based remote user authentication scheme to withstand the vulnerability in their scheme.","PeriodicalId":185099,"journal":{"name":"2018 14th International Conference on Computational Intelligence and Security (CIS)","volume":"325 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"Cryptanalysis of Kumar's Remote User Authentication Scheme with Smart Card\",\"authors\":\"M. Hwang, E. F. Cahyadi, Yuen-Cheng Chou, Cheng-Ying Yang\",\"doi\":\"10.1109/CIS2018.2018.00099\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"One of the common necessity to have secret communication through Internet is to authenticate the legality of users. The simplest and most popular authentication technique to have secret communication through Internet is remote user authentication scheme. Recently, Kumar proposed an enhanced amart card-based remote user authentication scheme. Their scheme was robust and easy to implement. They claimed that their scheme could against explicit key authentication, replay attack, stolen-verifier attacks, forward secrecy, denial of service attacks, impersonation attacks, mutual authentication, parallel session attack, password guessing attacks, smart card loss attacks, attack via registered identity, and attack via password. In this article, we will show that Kumar's scheme is vulnerable to the off-line guessing password attack. In this article, we also propose an improved Kumar's enhanced smart card-based remote user authentication scheme to withstand the vulnerability in their scheme.\",\"PeriodicalId\":185099,\"journal\":{\"name\":\"2018 14th International Conference on Computational Intelligence and Security (CIS)\",\"volume\":\"325 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-11-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2018 14th International Conference on Computational Intelligence and Security (CIS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CIS2018.2018.00099\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 14th International Conference on Computational Intelligence and Security (CIS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CIS2018.2018.00099","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Cryptanalysis of Kumar's Remote User Authentication Scheme with Smart Card
One of the common necessity to have secret communication through Internet is to authenticate the legality of users. The simplest and most popular authentication technique to have secret communication through Internet is remote user authentication scheme. Recently, Kumar proposed an enhanced amart card-based remote user authentication scheme. Their scheme was robust and easy to implement. They claimed that their scheme could against explicit key authentication, replay attack, stolen-verifier attacks, forward secrecy, denial of service attacks, impersonation attacks, mutual authentication, parallel session attack, password guessing attacks, smart card loss attacks, attack via registered identity, and attack via password. In this article, we will show that Kumar's scheme is vulnerable to the off-line guessing password attack. In this article, we also propose an improved Kumar's enhanced smart card-based remote user authentication scheme to withstand the vulnerability in their scheme.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
