Security Enhanced Anonymous User Authenticated Key Agreement Scheme Using Smart Card

Nowadays, the password-based remote user authentication mechanism using smart card is one of the simplest and convenient authentication ways to ensure secure communications over the public network environments. Recently, Liu et al. proposed an efficient and secure smart card based password authentication scheme. However, we find that Liu et al.’s scheme is vulnerable to the off-line password guessing attack and user impersonation attack. Furthermore, it also cannot provide user anonymity. In this paper, we cryptanalyze Liu et al.’s scheme and propose a security enhanced user authentication scheme to overcome the aforementioned problems. Especially, in order to preserve the user anonymity and prevent the guessing attack, we use the dynamic identity technique. The analysis shows that the proposed scheme is more secure and efficient than other related authentication schemes.

[1]  Xiong Li,et al.  An enhanced smart card based remote user password authentication scheme , 2013, J. Netw. Comput. Appl..

[2]  Dongho Won,et al.  Security Improvement on Biometric Based Authentication Scheme for Wireless Sensor Networks Using Fuzzy Extraction , 2016, Int. J. Distributed Sens. Networks.

[3]  Donghoon Lee,et al.  Performance and security enhanced authentication and key agreement protocol for SAE/LTE network , 2016, Comput. Networks.

[4]  Dongho Won,et al.  An Enhanced Lightweight Anonymous Authentication Scheme for a Scalable Localization Roaming Service in Wireless Sensor Networks , 2016, Sensors.

[5]  Chin-Chen Chang,et al.  An Efficient and Secure Smart Card Based Password Authentication Scheme , 2017, Int. J. Netw. Secur..

[6]  Leslie Lamport,et al.  Password authentication with insecure communication , 1981, CACM.

[7]  Dengguo Feng,et al.  An improved smart card based password authentication scheme with provable security , 2009, Comput. Stand. Interfaces.

[8]  Dongwoo Kang,et al.  Efficient and robust user authentication scheme that achieve user anonymity with a Markov chain , 2016, Secur. Commun. Networks.

[9]  Moonseong Kim,et al.  Efficient and Anonymous Two-Factor User Authentication in Wireless Sensor Networks: Achieving User Anonymity with Lightweight Sensor Computation , 2015, PloS one.

[10]  Donghoon Lee,et al.  Security Analysis and Improvements of Two-Factor Mutual Authentication with Key Agreement in Wireless Sensor Networks , 2014, Sensors.

[11]  Ronggong Song Advanced smart card based password authentication protocol , 2010, Comput. Stand. Interfaces.

[12]  Jongho Moon,et al.  An Improvement of Robust and Efficient Biometrics Based Password Authentication Scheme for Telecare Medicine Information Systems Using Extended Chaotic Maps , 2015, Journal of Medical Systems.

[13]  Donghoon Lee,et al.  Security Enhanced User Authentication Protocol for Wireless Sensor Networks Using Elliptic Curves Cryptography , 2014, Sensors.

[14]  Siva Sai Yerubandi,et al.  Differential Power Analysis , 2002 .

[15]  Kuldip Singh,et al.  An improvement of Xu et al.'s authentication scheme using smart cards , 2010, Bangalore Compute Conf..

[16]  Jongho Moon,et al.  An Improvement of Robust Biometrics-Based Authentication and Key Agreement Scheme for Multi-Server Environments Using Smart Cards , 2015, PloS one.