Improvements on Hsiang and Shih's Remote User Authentication Scheme Using Smart Cards
作者: Jung-Yoon KIM , Hyoung-Kee CHOI
DOI: 10.1587/TRANSINF.E95.D.2393
关键词: Password policy 、 Multi-factor authentication 、 Password cracking 、 Authentication 、 S/KEY 、 Network Access Control 、 One-time password 、 Computer security 、 Password 、 Authentication protocol 、 Data Authentication Algorithm 、 Computer science 、 Access control 、 Public-key cryptography 、 Smart card 、 Rabin cryptosystem 、 Challenge–response authentication
摘要: Hsiang and Shih discovered that Yoon et al.’s user authentication scheme was vulnerable to parallel session attack, impersonation offline password guessing attack. They proposed an improved prevent these attacks. Shih’s is still susceptible attack server In this paper, we demonstrate how their can be compromised then propose based on the Rabin cryptosystem overcome weaknesses. Furthermore, discuss reason why should use asymmetric encryption algorithm secure a password-based remote using smart cards. We formally prove security of our BAN logic. key words: Network-level protection, authentication, security,
harvard.edu
sci-hub.se 参考文章(25)
Bin‐Tsan Hsieh, Hung‐Min Sun, Tzonelih Hwang, On the Security of Some Password Authentication Protocols Informatica (lithuanian Academy of Sciences). ,vol. 14, pp. 195- 204 ,(2003) , 10.15388/INFORMATICA.2003.014
M. O. Rabin, DIGITALIZED SIGNATURES AND PUBLIC-KEY FUNCTIONS AS INTRACTABLE AS FACTORIZATION MIT Laboratory for Computer Science. ,(1979)
Charikleia Zouridaki, Brian L. Mark, Kris Gaj, Roshan K. Thomas, Distributed CA-based PKI for Mobile Ad Hoc Networks Using Elliptic Curve Cryptography Public Key Infrastructure. pp. 232- 245 ,(2004) , 10.1007/978-3-540-25980-0_19
Wei-Chi Ku, Chien-Ming Chen, Hui-Lung Lee, Cryptanalysis of a Variant of Peyravian-Zunic's Password Authentication Scheme IEICE Transactions on Communications. ,vol. 86, pp. 1682- 1684 ,(2003)
Xiaoyi Duan, Jianwei Liu, Qishan Zhang, Security Improvement On Chien Et Al.'s Remote User Authentication Scheme Using Smart Cards computational intelligence and security. ,vol. 2, pp. 1133- 1135 ,(2006) , 10.1109/ICCIAS.2006.295440
C.-C. YANG, Cryptanalysis of Improvement of Password Authenticated Key Exchange Based on RSA for Imbalanced Wireless Networks IEICE Transactions on Communications. ,vol. E88-B, pp. 4370- 4372 ,(2005) , 10.1093/IETCOM/E88-B.11.4370
Hung-Yu Chien, Jinn-Ke Jan, Yuh-Min Tseng, An Efficient and Practical Solution to Remote Authentication: Smart Card Computers & Security. ,vol. 21, pp. 372- 375 ,(2002) , 10.1016/S0167-4048(02)00415-7
Min-Shiang Hwang, Li-Hua Li, A new remote user authentication scheme using smart cards IEEE Transactions on Consumer Electronics. ,vol. 46, pp. 28- 30 ,(2000) , 10.1109/30.826377
C. Mitchell, Limitations of challenge-response entity authentication Electronics Letters. ,vol. 25, pp. 1195- 1196 ,(1989) , 10.1049/EL:19890801
Chien-Lung Hsu, Security of Chien et al.’s Remote User Authentication Scheme Using Smart Cards Computer Standards & Interfaces. ,vol. 26, pp. 167- 169 ,(2004) , 10.1016/S0920-5489(03)00094-1