Improvement of Efficient Remote Mutual Authentication and Key Agreement

In an open networking environment, a server usually needs to identify its legal users for providing its services. In 2006, Shieh and Wang pointed out the weakness of Juang’s remote mutual authentication scheme using smart card and further proposed an efficient remote mutual authentication and key agreement scheme using smart card. Recently, Yoon and Yoo demonstrated that Shieh and Wang’s scheme does not provide perfect forward secrecy and is vulnerable to a privileged insider’s attack. In this paper, we propose a security improvement to resolve the security problems. The proposed scheme not only inherits the merits of their scheme but also enhances the security of their scheme.

[1]  Robert H. Sloan,et al.  Examining Smart-Card Security under the Threat of Power Analysis Attacks , 2002, IEEE Trans. Computers.

[2]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[3]  Wei-Chi Ku,et al.  Vulnerabilities of Wu-Chieu's Improved Password Authentication Scheme Using Smart Cards , 2005, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[4]  Hung-Min Sun,et al.  An Efficient Remote User Authentication Scheme Using Smart Cards , 2000 .

[5]  Cheng-Chi Lee,et al.  A remote user authentication scheme using hash functions , 2002, OPSR.

[6]  Hung-Min Sun,et al.  Password-based authentication and key distribution protocols with perfect forward secrecy , 2006, J. Comput. Syst. Sci..

[7]  Wen-Shenq Juang Efficient User Authentication and Key Agreement in Ubiquitous Computing , 2006, ICCSA.

[8]  Eun-Jun Yoon,et al.  Two Security Problems of Efficient Remote Mutual Authentication and Key Agreement , 2007, Future Generation Communication and Networking (FGCN 2007).

[9]  Chris J. Mitchell,et al.  Limitations of challenge-response entity authentication , 1989 .

[10]  David Taniar,et al.  Computational Science and Its Applications - ICCSA 2006, International Conference, Glasgow, UK, May 8-11, 2006, Proceedings, Part I , 2006, ICCSA.

[11]  Leslie Lamport,et al.  Password authentication with insecure communication , 1981, CACM.

[12]  D. Sternglass The future is in the PC cards , 1992, IEEE Spectrum.

[13]  Wen-Shenq Juang,et al.  Efficient password authenticated key agreement using smart cards , 2004, Comput. Secur..

[14]  Hung-Min Sun,et al.  An efficient remote use authentication scheme using smart cards , 2000, IEEE Trans. Consumer Electron..

[15]  Chien-Lung Hsu Security of Chien et al.'s remote user authentication scheme using smart cards , 2004, Comput. Stand. Interfaces.

[16]  Wei-Chi Ku,et al.  Weaknesses and improvements of an efficient password based remote user authentication scheme using smart cards , 2004, IEEE Transactions on Consumer Electronics.

[17]  Hung-Yu Chien,et al.  An Efficient and Practical Solution to Remote Authentication: Smart Card , 2002, Comput. Secur..

[18]  G. Lisimaque,et al.  Smart cards provide very high security and flexibility in subscribers management , 1990 .

[19]  Xiaomin Wang,et al.  Cryptanalysis and improvement on two efficient remote user authentication scheme using smart cards , 2007, Comput. Stand. Interfaces.

[20]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[21]  Jianmin Wang,et al.  Efficient remote mutual authentication and key agreement , 2006, Comput. Secur..