Xiong Li, M. Khan, S. Kumari, Junguo Liao, W. Liang
{"title":"多服务器架构下健壮智能卡认证方案的密码分析","authors":"Xiong Li, M. Khan, S. Kumari, Junguo Liao, W. Liang","doi":"10.1109/ISBAST.2014.7013106","DOIUrl":null,"url":null,"abstract":"User authentication is an important security issue for network based services. Multi-server authentication scheme resolves the repeated registration problem of single-server authentication scenario where the user has to register at different servers to access different types of network services. Recently, Pippal et al. proposed a smart card authentication scheme for multi-server architecture. They claimed that their scheme has some advantages and can resist kinds of attacks. In this paper, we analyze the weaknesses of Pippal et al.'s scheme, and point out that their scheme cannot provide correct authentication, cannot resist impersonation attack, stolen smart card attack, and insider attack. Besides, their scheme is non-extensible when a new server added into the system.","PeriodicalId":292333,"journal":{"name":"2014 International Symposium on Biometrics and Security Technologies (ISBAST)","volume":"54 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"Cryptanalysis of a robust smart card authentication scheme for multi-server architecture\",\"authors\":\"Xiong Li, M. Khan, S. Kumari, Junguo Liao, W. Liang\",\"doi\":\"10.1109/ISBAST.2014.7013106\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"User authentication is an important security issue for network based services. Multi-server authentication scheme resolves the repeated registration problem of single-server authentication scenario where the user has to register at different servers to access different types of network services. Recently, Pippal et al. proposed a smart card authentication scheme for multi-server architecture. They claimed that their scheme has some advantages and can resist kinds of attacks. In this paper, we analyze the weaknesses of Pippal et al.'s scheme, and point out that their scheme cannot provide correct authentication, cannot resist impersonation attack, stolen smart card attack, and insider attack. Besides, their scheme is non-extensible when a new server added into the system.\",\"PeriodicalId\":292333,\"journal\":{\"name\":\"2014 International Symposium on Biometrics and Security Technologies (ISBAST)\",\"volume\":\"54 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-08-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2014 International Symposium on Biometrics and Security Technologies (ISBAST)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISBAST.2014.7013106\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2014 International Symposium on Biometrics and Security Technologies (ISBAST)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISBAST.2014.7013106","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Cryptanalysis of a robust smart card authentication scheme for multi-server architecture
User authentication is an important security issue for network based services. Multi-server authentication scheme resolves the repeated registration problem of single-server authentication scenario where the user has to register at different servers to access different types of network services. Recently, Pippal et al. proposed a smart card authentication scheme for multi-server architecture. They claimed that their scheme has some advantages and can resist kinds of attacks. In this paper, we analyze the weaknesses of Pippal et al.'s scheme, and point out that their scheme cannot provide correct authentication, cannot resist impersonation attack, stolen smart card attack, and insider attack. Besides, their scheme is non-extensible when a new server added into the system.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
