{"title":"智能卡远程用户认证方案的密码分析与改进","authors":"R. Madhusudhan, Manjunath Hegde","doi":"10.1109/ICCCE.2016.30","DOIUrl":null,"url":null,"abstract":"In a distributed environment, one of the major concerns is authentication of remote users. In this sector, legitimate users are more powerful attackers. The remote systems working with password and smart card ensures authorised access. Smart card based remote user authentication schemes have been adopted due to their low computation cost and portability. In 2012, Wen and Li proposed an improved dynamic ID based remote user authentication with key agreement scheme. They stated that their scheme provides protection against impersonation attack and preserves secret information. In this paper, we unveil the drawbacks of Wen and Li's scheme. Also we show that their scheme does not detect wrong password quickly, making it vulnerable to insider and smart card stolen attack. Further the scheme provides no protection for forward secrecy. To solve these security weaknesses, we propose a robust authentication scheme which overcomes all the pointed flaws, by keeping eminence of Wen and Li's scheme.","PeriodicalId":360454,"journal":{"name":"2016 International Conference on Computer and Communication Engineering (ICCCE)","volume":"36 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"Cryptanalysis and Improvement of Remote User Authentication Scheme Using Smart Card\",\"authors\":\"R. Madhusudhan, Manjunath Hegde\",\"doi\":\"10.1109/ICCCE.2016.30\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In a distributed environment, one of the major concerns is authentication of remote users. In this sector, legitimate users are more powerful attackers. The remote systems working with password and smart card ensures authorised access. Smart card based remote user authentication schemes have been adopted due to their low computation cost and portability. In 2012, Wen and Li proposed an improved dynamic ID based remote user authentication with key agreement scheme. They stated that their scheme provides protection against impersonation attack and preserves secret information. In this paper, we unveil the drawbacks of Wen and Li's scheme. Also we show that their scheme does not detect wrong password quickly, making it vulnerable to insider and smart card stolen attack. Further the scheme provides no protection for forward secrecy. To solve these security weaknesses, we propose a robust authentication scheme which overcomes all the pointed flaws, by keeping eminence of Wen and Li's scheme.\",\"PeriodicalId\":360454,\"journal\":{\"name\":\"2016 International Conference on Computer and Communication Engineering (ICCCE)\",\"volume\":\"36 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-07-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2016 International Conference on Computer and Communication Engineering (ICCCE)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICCCE.2016.30\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 International Conference on Computer and Communication Engineering (ICCCE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCCE.2016.30","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Cryptanalysis and Improvement of Remote User Authentication Scheme Using Smart Card
In a distributed environment, one of the major concerns is authentication of remote users. In this sector, legitimate users are more powerful attackers. The remote systems working with password and smart card ensures authorised access. Smart card based remote user authentication schemes have been adopted due to their low computation cost and portability. In 2012, Wen and Li proposed an improved dynamic ID based remote user authentication with key agreement scheme. They stated that their scheme provides protection against impersonation attack and preserves secret information. In this paper, we unveil the drawbacks of Wen and Li's scheme. Also we show that their scheme does not detect wrong password quickly, making it vulnerable to insider and smart card stolen attack. Further the scheme provides no protection for forward secrecy. To solve these security weaknesses, we propose a robust authentication scheme which overcomes all the pointed flaws, by keeping eminence of Wen and Li's scheme.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
