摘要: Abstract: In this paper, we present a secure and efficient remote authentication schemeby improving Hwang-Lee-Tang’s scheme. The security of our scheme is based on theonewayness collision-resistance properties the hash functions being used. Theproposed able to withstand all commonly known attacks against au-thentication schemes. addition, does not store password table theserver, provides mutual between user server, re-veal user’s allows freely choose herchoice, change her by running simple protocol withthe server. 1 Introduction classic technique for users’ passwords. With thepassage time, it has been realized that use alone enough from thesecurity point view because typical human-selected passwords have low entropy.Therefore, in modern times, many attempts made build two-factor secureremote systems combining smart cards [CW93,CH93, HL00, Sun00, LHY02, HLT02, CJT02, SLH03a, AL03, CLH04, LKY04, YRY05,LC05].One earliest schemes due Lamport [Lam81]. Heproposes maintain server verification. A dis-advantage Lamport’s lies fact if compromised, secretpasswords users are disclosed. Subsequently, authenticationschemes presented do rely verification tables stored server.Password card were used Sun [Sun00]. Unfortunately,their only uni-directional authentication, i.e., authenticatedby knows pass-word also allowed. Hwang, Lee, Tang [HLT02] allowsfor but no check conducted before committing thepassword change. Chien et al. [CJT02] proposed another schemeusing functions. Their suffers problems
参考文章(16)
Wen-Her Yang, Shiuh-Pyng Shieh, Refereed paper: Password authentication schemes with smart cards Computers & Security. ,vol. 18, pp. 727- 733 ,(1999) , 10.1016/S0167-4048(99)80136-9
Min-Shiang Hwang, Cheng-Chi Lee, Yuan-Liang Tang, A simple remote user authentication scheme Mathematical and Computer Modelling. ,vol. 36, pp. 103- 107 ,(2002) , 10.1016/S0895-7177(02)00106-1
C-C Chang, S-J Hwang, None, Using smart cards to authenticate remote passwords Computers & Mathematics With Applications. ,vol. 26, pp. 19- 27 ,(1993) , 10.1016/0898-1221(93)90048-Z
Jau-Ji Shen, Chih-Wei Lin, Min-Shiang Hwang, Refereed papers: Security enhancement for the timestamp-based password authentication scheme using smart cards Computers & Security. ,vol. 22, pp. 591- 595 ,(2003) , 10.1016/S0167-4048(03)00709-0
Cheng-Chi Lee, Min-Shiang Hwang, Wei-Peng Yang, A flexible remote user authentication scheme using smart cards Operating Systems Review. ,vol. 36, pp. 46- 52 ,(2002) , 10.1145/567331.567335
Hung-Yu Chien, Jinn-Ke Jan, Yuh-Min Tseng, An Efficient and Practical Solution to Remote Authentication: Smart Card Computers & Security. ,vol. 21, pp. 372- 375 ,(2002) , 10.1016/S0167-4048(02)00415-7
Min-Shiang Hwang, Li-Hua Li, A new remote user authentication scheme using smart cards IEEE Transactions on Consumer Electronics. ,vol. 46, pp. 28- 30 ,(2000) , 10.1109/30.826377
Narn-Yih Lee, Yu-Chung Chiu, Improved remote authentication scheme with smart card Computer Standards & Interfaces. ,vol. 27, pp. 177- 180 ,(2005) , 10.1016/J.CSI.2004.06.001
Tzung-Her Chen, Wei-Bin Lee, Gwoboa Horng, Secure SAS-like password authentication schemes Computer Standards & Interfaces. ,vol. 27, pp. 25- 31 ,(2004) , 10.1016/J.CSI.2004.02.004
C.-C. Chang, T.-C. Wu, Remote password authentication with smart cards IEE Proceedings E Computers and Digital Techniques. ,vol. 138, pp. 165- 168 ,(1991) , 10.1049/IP-E.1991.0022