Security enhancement for a dynamic ID-based remote user authentication scheme

In a paper recently published in the IEEE transaction on consumer electronics, Das, Saxena, and Gulati proposed a dynamic ID-based remote user authentication scheme using smart cards that allows the users to choose and change their passwords freely, and does not maintain any verifier table. It can protect against ID-theft, replaying, forgery, guessing, insider, and stolen verifier attacks. However, this paper shows that Das, Saxena, and Gulati's scheme has some attacks. Therefore, we propose a slight modification to their scheme to improve their weaknesses. As a result, the improved scheme can enhance the security of Das, Saxena, and Gulati's scheme. In addition, the proposed scheme does not add many computational costs additionally. Compare with their scheme, our scheme is also efficient.

[1]  Ian F. Akyildiz,et al.  Wireless sensor networks: a survey , 2002, Comput. Networks.

[2]  Zinaida Benenson,et al.  Realizing Robust User Authentication in Sensor Networks , 2005 .

[3]  Amit K. Awasthi On the Authentication of the User from the Remote Autonomous Object , 2005, Int. J. Netw. Secur..

[4]  Min-Shiang Hwang,et al.  A modified remote user authentication scheme using smart cards , 2003, IEEE Trans. Consumer Electron..

[5]  Cheng-Chi Lee,et al.  A simple remote user authentication scheme , 2002 .

[6]  Chi-Yu Liu,et al.  Cryptanalysis of a Secure One-time Password Authentication Scheme with Low-communication for Mobile Communications , 2005, Int. J. Netw. Secur..

[7]  Leslie Lamport,et al.  Password authentication with insecure communication , 1981, CACM.

[8]  Ashutosh Saxena,et al.  A dynamic ID-based remote user authentication scheme , 2004, IEEE Transactions on Consumer Electronics.

[9]  Min-Shiang Hwang,et al.  A remote password authentication scheme for multiserver architecture using neural networks , 2001, IEEE Trans. Neural Networks.

[10]  Cheng-Chi Lee Two Attacks on the Wu-Hsu User Identification Scheme , 2005, Int. J. Netw. Secur..

[11]  Wuu Yang,et al.  An Improved Dynamic User Authentication Scheme for Wireless Sensor Networks , 2007, IEEE GLOBECOM 2007 - IEEE Global Telecommunications Conference.

[12]  Jamal N. Al-Karaki,et al.  Analysis of routing security-energy trade-offs in wireless sensor networks , 2006, Int. J. Secur. Networks.

[13]  Jiannong Cao,et al.  A dynamic user authentication scheme for wireless sensor networks , 2006, IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (SUTC'06).

[14]  Minho Kim,et al.  A Simple Attack on a Recently Introduced Hash-based Strong-password Authentication Scheme , 2005, Int. J. Netw. Secur..

[15]  Cheng-Chi Lee,et al.  A flexible remote user authentication scheme using smart cards , 2002, OPSR.

[16]  Chee-Yee Chong,et al.  Sensor networks: evolution, opportunities, and challenges , 2003, Proc. IEEE.