CFP last date
20 January 2025
Reseach Article

Dynamic Encryption Key based Smart Card Authentication Scheme

by Ravi Singh Pippal, Pradeep Gupta, Rakesh Singh
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 72 - Number 9
Year of Publication: 2013
Authors: Ravi Singh Pippal, Pradeep Gupta, Rakesh Singh
10.5120/12521-8481

Ravi Singh Pippal, Pradeep Gupta, Rakesh Singh . Dynamic Encryption Key based Smart Card Authentication Scheme. International Journal of Computer Applications. 72, 9 ( June 2013), 15-18. DOI=10.5120/12521-8481

@article{ 10.5120/12521-8481,
author = { Ravi Singh Pippal, Pradeep Gupta, Rakesh Singh },
title = { Dynamic Encryption Key based Smart Card Authentication Scheme },
journal = { International Journal of Computer Applications },
issue_date = { June 2013 },
volume = { 72 },
number = { 9 },
month = { June },
year = { 2013 },
issn = { 0975-8887 },
pages = { 15-18 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume72/number9/12521-8481/ },
doi = { 10.5120/12521-8481 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T21:37:27.773547+05:30
%A Ravi Singh Pippal
%A Pradeep Gupta
%A Rakesh Singh
%T Dynamic Encryption Key based Smart Card Authentication Scheme
%J International Journal of Computer Applications
%@ 0975-8887
%V 72
%N 9
%P 15-18
%D 2013
%I Foundation of Computer Science (FCS), NY, USA
Abstract

In order to keep away from difficulties associated with traditional password based authentication methods, smart card based authentication schemes have been widely used. It has already been accepted worldwide due to its low computational cost. However, most of these schemes are vulnerable to one or the other possible attack. This paper describes a new smart card authentication scheme using symmetric key cryptography, which covers all the identified security pitfalls and satisfies the needs of a user. Its security is based on encrypting the contents of all the communicating messages exchanged between remote user and the server. Moreover, it provides users to choose and change their passwords freely, mutual authentication and session key generation. In addition, it uses nonce instead of timestamp to resist replay attack. Security analysis proves that this scheme is secure against impersonation attack, password guessing attack, replay attack, reflection attack, parallel session attack, insider attack, attack on perfect forward secrecy, stolen verifier attack, smart card loss attack and man-in-the-middle attack. The proposed scheme can be easily extended to Internet protocol television broadcasting, Multi-server authentication, Wireless communication and Healthcare, where the user needs to access data from server.

References
  1. Lamport L. : Password authentication with insecure communication. Communications of the ACM, 24, 770-772 (1981).
  2. Wu T. C. : Remote login authentication scheme based on geometric approach. Computer Communications, 18, 959-963 (1995).
  3. Hwang M. S. : Cryptanalysis of a remote login authentication scheme. Computer Communications, 22, 742-744 (1999).
  4. Yang W. H. , Shieh S. P. : Password authentication schemes with smart cards. Computers & Security, 18, 727-733 (1999).
  5. Chan C. K. , Cheng L. M. : Cryptanalysis of timestamp-based password authentication scheme. Computers & Security, 21, 74-76 (2002).
  6. Hwang M. S. , Li L. H. : A new remote user authentication scheme using smart cards. IEEE Transactions on Consumer Electronics, 46, 28-30 (2000).
  7. Chan C. K. , Cheng L. M. : Cryptanalysis of a remote user authentication scheme using smart cards. IEEE Transactions on Consumer Electronics, 46, 992-993 (2000).
  8. Sun H. M. : An efficient remote user authentication scheme using smart cards. IEEE Transactions on Consumer Electronics, 46, 958-961 (2000).
  9. Hsu C. L. : Security of two remote user authentication schemes using smart cards. IEEE Transactions on Consumer Electronics, 49, 1196-1198 (2003).
  10. Chien H. Y. , Jan J. K. , Tseng Y. M. : An efficient and practical solution to remote authentication: smart card. Computers & Security, 21, 372-375 (2002).
  11. Juang W. S. : Efficient password authenticated key agreement using smart cards. Computers & Security, 23, 167-173 (2004).
  12. Das M. L. , Saxena A. , Gulati V. P. : A dynamic ID-based remote user authentication scheme. IEEE Transactions on Consumer Electronics, 50, 629-631 (2004).
  13. Liao I. E. , Lee C. C. , Hwang M. S. : Security enhancement for a dynamic ID-based remote user authentication scheme. International Conference on Next Generation Web Services Practices (2005).
  14. Giri D. , Srivastava P. D. : Cryptanalysis and improvement of a remote user authentication scheme using smart cards. International Symposium on Electronic Commerce and Security, 355-361 (2008).
  15. Song R. : Advanced smart card based password authentication protocol. Computer Standards & Interfaces, 32, 321-325 (2010).
  16. Pippal R. S. , Jaidhar C. D. , Tapaswi S. : Comments on symmetric key encryption based smart card authentication scheme. 2nd International Conference on Computer Technology and Development, 482-484 (2010).
  17. Li C. T. , Hwang M. S. : An efficient biometrics-based remote user authentication scheme using smart cards, Journal of Network and Computer Applications, 33, 1-5 (2010).
  18. Li X. , Niu J. W. , Ma J. , Wang W. D. , Liu C. L. : Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart cards, Journal of Network and Computer Applications, 34, 73-79 (2011).
Index Terms

Computer Science
Information Sciences

Keywords

Authentication Encryption Nonce Session key Smart card