Efficient remote mutual authentication and key agreement

A smart card based scheme is very practical to authenticate remote users. In 2004, Juang [Juang WS. Efficient password authenticated key agreement using smart cards. Computers and Security 2004;23:167-73] proposed a mutual authentication scheme using smart cards. The advantages in the scheme include freely chosen passwords, no verification tables, low communication and computation cost, and session key agreement. In addition, synchronized clocks are not required in the scheme due to its nonce based approach. In this paper, however, we shall discuss the weakness of Juang's [Juang WS. Efficient password authenticated key agreement using smart cards. Computers and Security 2004;23:167-73] scheme and propose another similar scheme to improve the weakness. Our scheme not only preserves all the advantages of Juang's scheme but also improves its efficiency.

[1]  Kaijun Tan,et al.  Remote password authentication scheme based on cross-product , 1999, Comput. Commun..

[2]  Tzong-Chen Wu,et al.  Remote login authentication scheme based on a geometric approach , 1995, Comput. Commun..

[3]  Yu-Yi Chen,et al.  "Paramita wisdom" password authentication scheme without verification tables , 1998, J. Syst. Softw..

[4]  Wang Shiuh-Jeng,et al.  Refereed paper: Smart card based secure password authentication scheme , 1996 .

[5]  Ronald L. Rivest,et al.  The MD5 Message-Digest Algorithm , 1992, RFC.

[6]  Chien-Lung Hsu Security of Chien et al.'s remote user authentication scheme using smart cards , 2004, Comput. Stand. Interfaces.

[7]  Cheng-Chi Lee,et al.  A simple remote user authentication scheme , 2002 .

[8]  Shiuh-Pyng Shieh,et al.  Password authentication schemes with smart cards , 1999, Comput. Secur..

[9]  Ralph C. Merkle,et al.  One Way Hash Functions and DES , 1989, CRYPTO.

[10]  Jin-Fu Chang,et al.  Smart card based secure password authentication scheme , 1996, Computers & security.

[11]  Tzong-Chen Wu,et al.  Authenticating passwords over an insecure channel , 1996, Comput. Secur..

[12]  Wu Tzong-Chen,et al.  Refereed paper: Authenticating passwords over an insecure channel , 1996 .

[13]  William Stallings,et al.  Cryptography and Network Security: Principles and Practice , 1998 .

[14]  Hung-Min Sun,et al.  An efficient remote use authentication scheme using smart cards , 2000, IEEE Trans. Consumer Electron..

[15]  Chin-Chen Chang,et al.  Remote password authentication with smart cards , 1991 .

[16]  William Stallings,et al.  THE ADVANCED ENCRYPTION STANDARD , 2002, Cryptologia.

[17]  Leslie Lamport,et al.  Password authentication with insecure communication , 1981, CACM.

[18]  Hung-Yu Chien,et al.  An Efficient and Practical Solution to Remote Authentication: Smart Card , 2002, Comput. Secur..

[19]  Wen-Shenq Juang,et al.  Efficient password authenticated key agreement using smart cards , 2004, Comput. Secur..

[20]  Hung-Min Sun,et al.  An Efficient Remote User Authentication Scheme Using Smart Cards , 2000 .

[21]  Min-Shiang Hwang,et al.  A new remote user authentication scheme using smart cards , 2000, IEEE Trans. Consumer Electron..