Password authentication schemes with smart cards

In this paper, two password authentication schemes with smart cards are proposed. In the schemes, users can change their passwords freely, and the remote system does not need the directory of passwords or verification tables to authenticate users. Once the secure network environment is set up, authentication can be handled solely by the two parties involved. For a network without synchronized clocks, the proposed nonce-based authentication scheme is able to prevent malicious reply attacks.

[1]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[2]  Chin-Chen Chang,et al.  Using smart cards to authenticate remote passwords , 1993 .

[3]  Taher ElGamal,et al.  A public key cyryptosystem and signature scheme based on discrete logarithms , 1985 .

[4]  Giovanni Maria Sacco,et al.  Timestamps in key distribution protocols , 1981, CACM.

[5]  Kaoru Kurosawa,et al.  ID-based cryptosystem using discrete logarithm problem , 1987 .

[6]  Edwin Weiss,et al.  A user authentication scheme not requiring secrecy in the computer , 1974, Commun. ACM.

[7]  Jin-Fu Chang,et al.  Smart card based secure password authentication scheme , 1996, Computers & security.

[8]  B. Clifford Neuman,et al.  A note on the use of timestamps as nonces , 1993, OPSR.

[9]  Chin-Chen Chang,et al.  Remote password authentication with smart cards , 1991 .

[10]  Owen Rees,et al.  Efficient and timely mutual authentication , 1987, OPSR.

[11]  Leonard M. Adleman,et al.  A subexponential algorithm for the discrete logarithm problem with applications to cryptography , 1979, 20th Annual Symposium on Foundations of Computer Science (sfcs 1979).

[12]  Wang Shiuh-Jeng,et al.  Refereed paper: Smart card based secure password authentication scheme , 1996 .

[13]  John T. Kohl,et al.  The Kerberos Network Authentication Service (V5 , 2004 .

[14]  Shiuh-Pyng Shieh,et al.  An authentication and key distribution system for open network systems , 1996, OPSR.

[15]  Eiji Okamoto,et al.  Identity-based information security management system for personal computer networks , 1989, IEEE J. Sel. Areas Commun..

[16]  G. Lisimaque,et al.  Smart cards provide very high security and flexibility in subscribers management , 1990 .

[17]  Li Gong,et al.  A security risk of depending on synchronized clocks , 1992, OPSR.

[18]  Paul F. Syverson On key distribution protocols for repeated authentication , 1993, OPSR.

[19]  Stephen M. Matyas,et al.  Cryptographic Authentication of Time-Invariant Quantities , 1981, IEEE Trans. Commun..

[20]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[21]  Hung-Min Sun,et al.  An authentication protocol without trusted third party , 1997, IEEE Communications Letters.

[22]  T. Elgamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, CRYPTO 1984.

[23]  Jürgen Schönwälder,et al.  A nonce-based protocol for multiple authentications , 1992, OPSR.