{"title":"“方便使用的智能卡远端用户认证方案”的进一步密码分析","authors":"M.K. Khan","doi":"10.1109/ICIET.2007.4381318","DOIUrl":null,"url":null,"abstract":"Recently, Wu and Chieu proposed 'a user friendly remote user authentication scheme with smart cards'. We point out that their scheme is vulnerable and susceptible to the attacks and can easily be cryptanalyzed. Their scheme provides only unilateral authentication (only client authentication) and there is no mutual authentication between user and remote system, so their scheme suscepts from the server spoofing attack. Their scheme also suffers from the impersonation attack and an adversary can easily impersonate a valid user. Furthermore, we describe that an adversary can login into the system by copying the data of stolen or lost smart card of a legitimate user. Moreover, we discuss that Wu and Chieu's scheme has poor reparability, which makes it infeasible to implement.","PeriodicalId":167980,"journal":{"name":"2007 International Conference on Information and Emerging Technologies","volume":"80 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-07-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Further Cryptanalysis of 'A User Friendly Remote User Authentication Scheme with Smart Cards'\",\"authors\":\"M.K. Khan\",\"doi\":\"10.1109/ICIET.2007.4381318\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Recently, Wu and Chieu proposed 'a user friendly remote user authentication scheme with smart cards'. We point out that their scheme is vulnerable and susceptible to the attacks and can easily be cryptanalyzed. Their scheme provides only unilateral authentication (only client authentication) and there is no mutual authentication between user and remote system, so their scheme suscepts from the server spoofing attack. Their scheme also suffers from the impersonation attack and an adversary can easily impersonate a valid user. Furthermore, we describe that an adversary can login into the system by copying the data of stolen or lost smart card of a legitimate user. Moreover, we discuss that Wu and Chieu's scheme has poor reparability, which makes it infeasible to implement.\",\"PeriodicalId\":167980,\"journal\":{\"name\":\"2007 International Conference on Information and Emerging Technologies\",\"volume\":\"80 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2007-07-06\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2007 International Conference on Information and Emerging Technologies\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICIET.2007.4381318\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2007 International Conference on Information and Emerging Technologies","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICIET.2007.4381318","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Further Cryptanalysis of 'A User Friendly Remote User Authentication Scheme with Smart Cards'
Recently, Wu and Chieu proposed 'a user friendly remote user authentication scheme with smart cards'. We point out that their scheme is vulnerable and susceptible to the attacks and can easily be cryptanalyzed. Their scheme provides only unilateral authentication (only client authentication) and there is no mutual authentication between user and remote system, so their scheme suscepts from the server spoofing attack. Their scheme also suffers from the impersonation attack and an adversary can easily impersonate a valid user. Furthermore, we describe that an adversary can login into the system by copying the data of stolen or lost smart card of a legitimate user. Moreover, we discuss that Wu and Chieu's scheme has poor reparability, which makes it infeasible to implement.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
