A Practical and Secure Hash Function-Based Password Authentication Scheme

In this study, we propose a practical and secure hash function-based password authentication scheme using smart cards. Our proposed scheme offers some advantages and interesting features. Firstly, the scheme does not require a verification table and is secure against the replay attacks, an attack that most of the existing schemes suffer. Secondly, any user of the scheme be allowed to change his or her account’s password efficiently. Thirdly, the time complexity for each algorithm in the proposed scheme are relatively low and minimal compared to some existing well-known password authentication schemes.

[1]  Leslie Lamport,et al.  Password authentication with insecure communication , 1981, CACM.

[2]  Taher El Gamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, IEEE Trans. Inf. Theory.

[3]  Hung-Yu Chien,et al.  An Efficient and Practical Solution to Remote Authentication: Smart Card , 2002, Comput. Secur..

[4]  Stephen M. Matyas,et al.  Cryptographic Authentication of Time-Invariant Quantities , 1981, IEEE Trans. Commun..

[5]  Chin-Chen Chang,et al.  Remote password authentication with smart cards , 1991 .

[6]  Hung-Min Sun,et al.  An efficient remote use authentication scheme using smart cards , 2000, IEEE Trans. Consumer Electron..

[7]  P. Kumar,et al.  Biometric based remote login password authentication scheme using smart card-IJAERD , 2016 .

[8]  Cheng-Chi Lee,et al.  A simple remote user authentication scheme , 2002 .

[9]  Eun-Jun Yoon,et al.  An improvement of Hwang-Lee-Tang's simple remote user authentication scheme , 2005, Comput. Secur..

[10]  Cheng-Chi Lee,et al.  A password authentication scheme over insecure networks , 2006, J. Comput. Syst. Sci..

[11]  Chin-Chen Chang,et al.  AN EFFICIENT AND SECURE REMOTE AUTHENTICATION SCHEME USING SMART CARDS , 2006 .

[12]  Jin-Fu Chang,et al.  Smart card based secure password authentication scheme , 1996, Computers & security.

[13]  Tzong-Chen Wu,et al.  Remote login authentication scheme based on a geometric approach , 1995, Comput. Commun..

[14]  Yung-Cheng Lee Weakness and Improvement of the Smart Card Based Remote User Authentication Scheme with Anonymity , 2013, J. Inf. Sci. Eng..

[15]  Sandeep K. Sood An Improved and Secure Smart Card Based Dynamic Identity Authentication Protocol , 2012, Int. J. Netw. Secur..

[16]  Xiong Li,et al.  An enhanced smart card based remote user password authentication scheme , 2013, J. Netw. Comput. Appl..

[17]  Christof Paar,et al.  Understanding Cryptography: A Textbook for Students and Practitioners , 2009 .

[18]  Chi-Sung Laih,et al.  Password authentication using public-key cryptography , 1989 .

[19]  Manoj Kumar A New Secure Remote User Authentication Scheme with Smart Cards , 2010, Int. J. Netw. Secur..

[20]  Rajaram Ramasamy,et al.  An Efficient Password Authentication Scheme for Smart Card , 2012, Int. J. Netw. Secur..

[21]  Min-Shiang Hwang A remote password authentication scheme based on the digital signature method , 1999, Int. J. Comput. Math..

[22]  Cheng-Chi Lee,et al.  A flexible remote user authentication scheme using smart cards , 2002, OPSR.

[23]  Wen-Yuan Liao,et al.  A remote password authentication scheme based upon ElGamal's signature scheme , 1994, Comput. Secur..

[24]  Edwin Weiss,et al.  A user authentication scheme not requiring secrecy in the computer , 1974, Commun. ACM.

[25]  Chin-Chen Chang,et al.  An Efficient and Secure Smart Card Based Password Authentication Scheme , 2017, Int. J. Netw. Secur..

[26]  Dengguo Feng,et al.  An improved smart card based password authentication scheme with provable security , 2009, Comput. Stand. Interfaces.

[27]  Hung-Yu Chien,et al.  A modified remote login authentication scheme based on geometric approach , 2001, J. Syst. Softw..