TY - GEN
T1 - Cryptanalysis and Improvement of Remote User Authentication Scheme Using Smart Card
AU - Madhusudhan, R.
AU - Hegde, Manjunath
N1 - Publisher Copyright:
© 2016 IEEE.
PY - 2016/12/29
Y1 - 2016/12/29
N2 - In a distributed environment, one of the major concerns is authentication of remote users. In this sector, legitimate users are more powerful attackers. The remote systems working with password and smart card ensures authorised access. Smart card based remote user authentication schemes have been adopted due to their low computation cost and portability. In 2012, Wen and Li proposed an improved dynamic ID based remote user authentication with key agreement scheme. They stated that their scheme provides protection against impersonation attack and preserves secret information. In this paper, we unveil the drawbacks of Wen and Li's scheme. Also we show that their scheme does not detect wrong password quickly, making it vulnerable to insider and smart card stolen attack. Further the scheme provides no protection for forward secrecy. To solve these security weaknesses, we propose a robust authentication scheme which overcomes all the pointed flaws, by keeping eminence of Wen and Li's scheme.
AB - In a distributed environment, one of the major concerns is authentication of remote users. In this sector, legitimate users are more powerful attackers. The remote systems working with password and smart card ensures authorised access. Smart card based remote user authentication schemes have been adopted due to their low computation cost and portability. In 2012, Wen and Li proposed an improved dynamic ID based remote user authentication with key agreement scheme. They stated that their scheme provides protection against impersonation attack and preserves secret information. In this paper, we unveil the drawbacks of Wen and Li's scheme. Also we show that their scheme does not detect wrong password quickly, making it vulnerable to insider and smart card stolen attack. Further the scheme provides no protection for forward secrecy. To solve these security weaknesses, we propose a robust authentication scheme which overcomes all the pointed flaws, by keeping eminence of Wen and Li's scheme.
UR - http://www.scopus.com/inward/record.url?scp=85015043097&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85015043097&partnerID=8YFLogxK
U2 - 10.1109/ICCCE.2016.30
DO - 10.1109/ICCCE.2016.30
M3 - Conference contribution
AN - SCOPUS:85015043097
T3 - Proceedings - 6th International Conference on Computer and Communication Engineering: Innovative Technologies to Serve Humanity, ICCCE 2016
SP - 84
EP - 89
BT - Proceedings - 6th International Conference on Computer and Communication Engineering
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 6th International Conference on Computer and Communication Engineering, ICCCE 2016
Y2 - 25 July 2016 through 27 July 2016
ER -