A Review on Remote User Authentication Schemes Using Smart Cards

Remote user authentication is a mechanism in which the remote server verifies the legitimacy of a user over an insecure communication channel. Password based authentication schemes have been widely deployed to verify the legitimacy of remote users as password authentication is one of the simplest and the most convenient authentication mechanism over insecure networks. In remote user authentication scheme, the user is assigned a smart card, which is being personalized by some parameters and provide the legal users to use the resources of the remote system. Until now, there have been ample of remote user authentication schemes published in the literature and each published schemes have its own merits and demerits. Recently, many schemes proposed are based on the one-way hash function. The computational complexity of their schemes is superior to the discrete logarithm-problem-based schemes. In our paper, we have defined all the security requirements and the goals. An ideal password authentication schemes should satisfy and achieve all of these. We have presented the results of our survey through five of the currently available secure one way hash function based remote user authentication schemes. We hope an ideal smart card (not storing (ID i ,PW i ), which meets all the security requirements and achieves all the goals can be developed.

[1]  Neil Haller,et al.  The S/KEY One-Time Password System , 1995, RFC.

[2]  Xiaomin Wang,et al.  Cryptanalysis and improvement on two efficient remote user authentication scheme using smart cards , 2007, Comput. Stand. Interfaces.

[3]  Li Gong,et al.  A security risk of depending on synchronized clocks , 1992, OPSR.

[4]  Hung-Min Sun,et al.  An efficient remote use authentication scheme using smart cards , 2000, IEEE Trans. Consumer Electron..

[5]  Eun-Jun Yoon,et al.  Further improvement of an efficient password based remote user authentication scheme using smart cards , 2004, IEEE Transactions on Consumer Electronics.

[6]  Kee-Young Yoo,et al.  An Improvement of Remote User Authentication Scheme Using Smart Cards , 2006, MSN.

[7]  Leslie Lamport,et al.  Password authentication with insecure communication , 1981, CACM.

[8]  Eun-Jun Yoon,et al.  More Efficient and Secure Remote User Authentication Scheme using Smart Cards , 2005, 11th International Conference on Parallel and Distributed Systems (ICPADS'05).

[9]  Min Gyo Chung,et al.  More secure remote user authentication scheme , 2009, Comput. Commun..

[10]  Wei-Bin Lee,et al.  A new method for using hash functions to solve remote user authentication , 2008, Comput. Electr. Eng..

[11]  Tzonelih Hwang,et al.  Non-interactive password authentications without password tables , 1990, IEEE TENCON'90: 1990 IEEE Region 10 Conference on Computer and Communication Systems. Conference Proceedings.

[12]  Chien-Lung Hsu A user friendly remote authentication scheme with smart cards against impersonation attacks , 2005, Appl. Math. Comput..

[13]  Wei-Chi Ku,et al.  Weaknesses and improvements of an efficient password based remote user authentication scheme using smart cards , 2004, IEEE Transactions on Consumer Electronics.

[14]  Da-Zhi Sun,et al.  Weakness and improvement on Wang-Li-Tie's user-friendly remote authentication scheme , 2005, Appl. Math. Comput..

[15]  Yingjie Wang,et al.  Security analysis and improvement of a user-friendly remote authentication protocol , 2005, Appl. Math. Comput..

[16]  Yu Xiuyuan A Modified Remote User Authentication Scheme Using Smart Cards , 2008 .

[17]  Lee-Ming Cheng,et al.  Cryptanalysis of a remote user authentication scheme using smart cards , 2000, IEEE Trans. Consumer Electron..

[18]  Paul C. Kocher,et al.  Differential Power Analysis , 1999, CRYPTO.

[19]  Shyi-Tsong Wu,et al.  A user friendly remote authentication scheme with smart cards , 2003, Comput. Secur..

[20]  Matu-Tarow Noda,et al.  Simple and Secure Password Authentication Protocol (SAS) , 2000 .

[21]  Kee-Young Yoo,et al.  Improved efficient remote user authentication scheme using smart cards , 2004, IEEE Transactions on Consumer Electronics.

[22]  Hung-Yu Chien,et al.  An Efficient and Practical Solution to Remote Authentication: Smart Card , 2002, Comput. Secur..

[23]  Yu-Chung Chiu,et al.  Improved remote authentication scheme with smart card , 2005, Comput. Stand. Interfaces.

[24]  Kee-Young Yoo,et al.  Improvement of Chien et al.'s remote user authentication scheme using smart cards , 2005, Comput. Stand. Interfaces.

[25]  Hung-Min Sun,et al.  An Efficient Remote User Authentication Scheme Using Smart Cards , 2000 .

[26]  Dengguo Feng,et al.  An improved smart card based password authentication scheme with provable security , 2009, Comput. Stand. Interfaces.

[27]  Min-Shiang Hwang,et al.  A new remote user authentication scheme using smart cards , 2000, IEEE Trans. Consumer Electron..

[28]  Cheng-Chi Lee,et al.  A password authentication scheme over insecure networks , 2006, J. Comput. Syst. Sci..

[29]  Chien-Lung Hsu Security of Chien et al.'s remote user authentication scheme using smart cards , 2004, Comput. Stand. Interfaces.

[30]  Xiaoyun Wang,et al.  Finding Collisions in the Full SHA-1 , 2005, CRYPTO.

[31]  Chun-Ta Li,et al.  An efficient biometrics-based remote user authentication scheme using smart cards , 2010, J. Netw. Comput. Appl..

[32]  Xiaoping Wu,et al.  Cryptanalysis of a Remote User Authentication Scheme Using Smart Cards , 2009, 2009 5th International Conference on Wireless Communications, Networking and Mobile Computing.