Some Forgery Attacks on a Remote User Authentication Scheme Using Smart Cards

Smart card has been adopted to various applications. In 2000, Hwang and Li proposed a remote user authentication scheme, which is also using smart card. Nine months later, Chan and Cheng pointed out that there is a weakness in the remote authentication scheme proposed by Hwang and Li. In this paper, we show that Chan and Cheng's attack does not work well because they did not consider the format of user's identity. In addition, we propose several ways to solve the problem of Chan and Cheng's attack.

[1]  Nathalie Feyt,et al.  Hardware and Software Symbiosis Helps Smart Card Evolution , 2001, IEEE Micro.

[2]  Taher El Gamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, IEEE Trans. Inf. Theory.

[3]  HwangMin-Shiang,et al.  A new remote user authentication scheme using smart cards , 2000 .

[4]  Min-Shiang Hwang,et al.  A new remote user authentication scheme using smart cards , 2000, IEEE Trans. Consumer Electron..

[5]  Lee-Ming Cheng,et al.  Cryptanalysis of a remote user authentication scheme using smart cards , 2000, IEEE Trans. Consumer Electron..

[6]  Shinichi Hirata,et al.  A network-based platform for multi-application smart cards , 2001, Proceedings Fifth IEEE International Enterprise Distributed Object Computing Conference.