A Robust Remote User Authentication Scheme Using Smart Card

In 2008, Yoon et al. [25] presented three kinds of security attacks (YLY attacks for short) of a user authentication and key agreement scheme using smart cards in different scenarios. The YLY attacks are: perfect forward secrecy, the guessing attack, and the Denning-Sacco attack. The main goal of this paper is to propose a robust remote user authentication scheme using smart card that could not only withstand the traditional attacks, such as, the man-in-the-middle attack, the replay attack, the forgery attacks, the stolen smart card attack, and the denial of service attack, but also overcomes YLY attacks.

[1]  Neil Haller,et al.  The S/KEY One-Time Password System , 1995, RFC.

[2]  Giovanni Maria Sacco,et al.  Timestamps in key distribution protocols , 1981, CACM.

[3]  Leslie Lamport,et al.  Password authentication with insecure communication , 1981, CACM.

[4]  Tzonelih Hwang,et al.  Non-interactive password authentications without password tables , 1990, IEEE TENCON'90: 1990 IEEE Region 10 Conference on Computer and Communication Systems. Conference Proceedings.

[5]  Siva Sai Yerubandi,et al.  Differential Power Analysis , 2002 .

[6]  Chin-Chen Chang,et al.  Remote password authentication with smart cards , 1991 .

[7]  Cheng-Chi Lee,et al.  A password authentication scheme over insecure networks , 2006, J. Comput. Syst. Sci..

[8]  Wei-Chi Ku,et al.  Weaknesses and improvement of Wang et al.'s remote user password authentication scheme for resource-limited environments , 2009, Comput. Stand. Interfaces.

[9]  Xiaomin Wang,et al.  Cryptanalysis and improvement on two efficient remote user authentication scheme using smart cards , 2007, Comput. Stand. Interfaces.

[10]  Eun-Jun Yoon,et al.  Further improvement of an efficient password based remote user authentication scheme using smart cards , 2004, IEEE Transactions on Consumer Electronics.

[11]  Jia-Yong Liu,et al.  A new mutual authentication scheme based on nonce and smart cards , 2008, Comput. Commun..

[12]  Yu Xiu-yuan A new remote user authentication scheme of using smart card , 2008 .

[13]  Cheng-Chi Lee,et al.  A simple remote user authentication scheme , 2002 .

[14]  Hung-Yu Chien,et al.  A modified remote login authentication scheme based on geometric approach , 2001, J. Syst. Softw..

[15]  Wei-Chi Ku,et al.  Weaknesses and improvements of an efficient password based remote user authentication scheme using smart cards , 2004, IEEE Transactions on Consumer Electronics.

[16]  Shuenn-Shyang Wang,et al.  A secure dynamic ID based remote user authentication scheme for multi-server environment , 2009, Comput. Stand. Interfaces.

[17]  Gwoboa Horng Password Authentication Without Using a Password Table , 1995, Inf. Process. Lett..

[18]  Bernard P. Zajac Applied cryptography: Protocols, algorithms, and source code in C , 1994 .

[19]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[20]  Hung-Min Sun,et al.  An efficient remote use authentication scheme using smart cards , 2000, IEEE Trans. Consumer Electron..

[21]  Hung-Min Sun,et al.  An Efficient Remote User Authentication Scheme Using Smart Cards , 2000 .

[22]  Min-Shiang Hwang,et al.  A new remote user authentication scheme using smart cards , 2000, IEEE Trans. Consumer Electron..

[23]  Gene Tsudik,et al.  Refinement and extension of encrypted key exchange , 1995, OPSR.

[24]  Bruce Schneier,et al.  Applied cryptography (2nd ed.): protocols, algorithms, and source code in C , 1995 .

[25]  Xiaomin Zhu,et al.  A Password-Based Authentication and Key Establishment Scheme for Mobile Environment , 2007, 21st International Conference on Advanced Information Networking and Applications Workshops (AINAW'07).

[26]  Robert H. Sloan,et al.  Examining Smart-Card Security under the Threat of Power Analysis Attacks , 2002, IEEE Trans. Computers.

[27]  Wen-Shenq Juang,et al.  Two efficient two-factor authenticated key exchange protocols in public wireless LANs , 2009, Comput. Electr. Eng..

[28]  Eun-Jun Yoon,et al.  Cryptanalysis of Wang et al.'s Remote User Authentication Scheme Using Smart Cards , 2008, Fifth International Conference on Information Technology: New Generations (itng 2008).