{"title":"基于智能卡的动态身份认证方案的安全性分析与改进","authors":"Xiong Li, J. Niu, M. Khan, Junguo Liao","doi":"10.1109/ISBAST.2013.27","DOIUrl":null,"url":null,"abstract":"Remote user authentication is an important and efficient method to ensure security for many network-based application systems. So far, several dynamic identity based authentication schemes have been proposed to protect the user's anonymity. Recently, Sood pointed out the security weaknesses of a dynamic identity based authentication scheme, which was proposed by Wang et al. presented an improved scheme. However, in this paper, we demonstrate that Sood's scheme cannot resist leak of verifier attack, impersonation attack and server spoofing attack. Furthermore, Sood's scheme cannot achieve mutual authentication between the user and the server. Consequently, in this paper, we propose a new dynamic identity based user authentication scheme using elliptic curve cryptosystem to resolve all the aforementioned problems.","PeriodicalId":336156,"journal":{"name":"2013 International Symposium on Biometrics and Security Technologies","volume":"754 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-07-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Security Analysis and Enhancement of a Dynamic Identity Based Authentication Scheme Using Smart Cards\",\"authors\":\"Xiong Li, J. Niu, M. Khan, Junguo Liao\",\"doi\":\"10.1109/ISBAST.2013.27\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Remote user authentication is an important and efficient method to ensure security for many network-based application systems. So far, several dynamic identity based authentication schemes have been proposed to protect the user's anonymity. Recently, Sood pointed out the security weaknesses of a dynamic identity based authentication scheme, which was proposed by Wang et al. presented an improved scheme. However, in this paper, we demonstrate that Sood's scheme cannot resist leak of verifier attack, impersonation attack and server spoofing attack. Furthermore, Sood's scheme cannot achieve mutual authentication between the user and the server. Consequently, in this paper, we propose a new dynamic identity based user authentication scheme using elliptic curve cryptosystem to resolve all the aforementioned problems.\",\"PeriodicalId\":336156,\"journal\":{\"name\":\"2013 International Symposium on Biometrics and Security Technologies\",\"volume\":\"754 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-07-02\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2013 International Symposium on Biometrics and Security Technologies\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISBAST.2013.27\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 International Symposium on Biometrics and Security Technologies","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISBAST.2013.27","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Security Analysis and Enhancement of a Dynamic Identity Based Authentication Scheme Using Smart Cards
Remote user authentication is an important and efficient method to ensure security for many network-based application systems. So far, several dynamic identity based authentication schemes have been proposed to protect the user's anonymity. Recently, Sood pointed out the security weaknesses of a dynamic identity based authentication scheme, which was proposed by Wang et al. presented an improved scheme. However, in this paper, we demonstrate that Sood's scheme cannot resist leak of verifier attack, impersonation attack and server spoofing attack. Furthermore, Sood's scheme cannot achieve mutual authentication between the user and the server. Consequently, in this paper, we propose a new dynamic identity based user authentication scheme using elliptic curve cryptosystem to resolve all the aforementioned problems.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
