论文信息 - On security of a remote user authentication scheme without using smart cards

On security of a remote user authentication scheme without using smart cards

He Debiao*, Chen Jianhua, Hu Jin School of Mathematics and Statistics, Wuhan University, Wuhan, Hubei 430072, China Abstract: The security of a password authentication scheme using smart cards proposed by Rhee et al. is analyzed. A kind of impersonation attack is presented. The analyses show that the scheme is insecure for practical application. In order to eliminate the security vulnerability, an efficient countermeasure is proposed.

[1] Leslie Lamport,et al. Password authentication with insecure communication , 1981, CACM.

[2] Min Gyo Chung,et al. More secure remote user authentication scheme , 2009, Comput. Commun..

[3] Min-Shiang Hwang,et al. A modified remote user authentication scheme using smart cards , 2003, IEEE Trans. Consumer Electron..

[4] Shiuh-Pyng Shieh,et al. Password authentication schemes with smart cards , 1999, Comput. Secur..

[5] Wei-Chi Ku,et al. Further cryptanalysis of fingerprint-based remote user authentication scheme using smartcards , 2005 .

[6] Muhammad Khurram Khan,et al. Improving the security of 'a flexible biometrics remote user authentication scheme' , 2007, Comput. Stand. Interfaces.

[7] Hung-Min Sun,et al. An Efficient Remote User Authentication Scheme Using Smart Cards , 2000 .

[8] Min-Shiang Hwang,et al. A new remote user authentication scheme using smart cards , 2000, IEEE Trans. Consumer Electron..

[9] Dong Hoon Lee,et al. A remote user authentication scheme without using smart cards , 2009, Comput. Stand. Interfaces.

[10] Chin-Chen Chang,et al. An ID-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem , 2009, Comput. Secur..

[11] Cheng-Chi Lee,et al. A flexible remote user authentication scheme using smart cards , 2002, OPSR.