CFP last date
20 January 2025
Reseach Article

An Improvement of Wang. et. al.’s Remote User Authentication Scheme against Smart Card Security Breach

by Ruhul Amin, Tanmoy Maitra, Soumya Prakash Rana
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 75 - Number 13
Year of Publication: 2013
Authors: Ruhul Amin, Tanmoy Maitra, Soumya Prakash Rana
10.5120/13174-0908

Ruhul Amin, Tanmoy Maitra, Soumya Prakash Rana . An Improvement of Wang. et. al.’s Remote User Authentication Scheme against Smart Card Security Breach. International Journal of Computer Applications. 75, 13 ( August 2013), 37-42. DOI=10.5120/13174-0908

@article{ 10.5120/13174-0908,
author = { Ruhul Amin, Tanmoy Maitra, Soumya Prakash Rana },
title = { An Improvement of Wang. et. al.’s Remote User Authentication Scheme against Smart Card Security Breach },
journal = { International Journal of Computer Applications },
issue_date = { August 2013 },
volume = { 75 },
number = { 13 },
month = { August },
year = { 2013 },
issn = { 0975-8887 },
pages = { 37-42 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume75/number13/13174-0908/ },
doi = { 10.5120/13174-0908 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T21:44:13.073699+05:30
%A Ruhul Amin
%A Tanmoy Maitra
%A Soumya Prakash Rana
%T An Improvement of Wang. et. al.’s Remote User Authentication Scheme against Smart Card Security Breach
%J International Journal of Computer Applications
%@ 0975-8887
%V 75
%N 13
%P 37-42
%D 2013
%I Foundation of Computer Science (FCS), NY, USA
Abstract

User authentication is one of the fundamental procedures to provide secure communications between user and server over an insecure public channel. Recently, Wang et. al. proposed password-based user authentication scheme based on hash function and modular exponentiation and they claimed that their scheme provides strong authentication than related scheme. But in this paper, it is pointed out that their scheme suffers from off-line password guessing attack, off-line identity guessing attack, user impersonation attack, server masquerading attack, smart card stolen attack and password change attack. Then an improved scheme over Wang et. al. 's scheme has been proposed to overcome their weaknesses. The proposed scheme resists all possible attacks and provides more security than wang et. al's scheme, published earlier.

References
  1. L. Lamport, "Password authentication with insecure communication", Communications of the ACM, Vol. 24, No. 11, PP. 770-772, 1981.
  2. A. Shimizu, T. Horioka and H. Inagaki, "A password authentication methods for contents communication on the Internet", IEICE Transactions on Communications, Vol. 81, No. 8, PP. 1666-1673, 1998.
  3. C. C. Chang and T. C. Wu, "Remote password authentication with smart cards", IEE Proceedings-E, Vol. 138, No. 3, PP. 165-168, 1993.
  4. S. B. Wilson, D. Johnson and A. Menezes, "Key agreement protocols and their security analysis", in proceedings of 6th IMA International Conference on Cryptography and Coding, Cirencester, LNCS, Vol. 1355, PP. 30-45, 1997.
  5. W. C. Ku and S. M. Chen, "Weaknesses and improvements of an efficient password based remote user authentication scheme using smart cards", IEEE Transactions on Consumer Electronics, Vol. 50, No. 1, PP. 204-207, 2004.
  6. E. J. Yoon, E. K. Ryu and K. Y. Yoo, "Further improvement of an efficient password based remote user authentication scheme using smart cards", IEEE Transactions on Consumer Electronics, Vol. 50, No. 2, PP. 612-614, 2004.
  7. C. I. Fan, Y. C. Chan and Z. K. Zhang, "Robust remote authentication scheme with smart cards", Computers & Security, Vol. 24, No. 8, PP. 619-628, 2005.
  8. M. K. Khan and J. Zhang, "Improving the security of a flexible biometrics remote user authentication scheme", Computer Standards & Interfaces, Vol. 29, No. 1, PP. 82- 85, 2007.
  9. Hyun Sook Rhee, Jeong Ok Kwon and Dong Hoon Lee, "A remote user authentication scheme without using smart cards", Computer Standards & Interfaces, Vol. 31, PP. 6-13, 2009.
  10. C. T. Li and C. C. Lee, "A Robust Remote User Authentication Scheme using Smart Card", Information Technology and Control, Vol. 40, No. 3, PP. 231-238, 2011.
  11. Ding Wang, Chun-Guang Ma, Qi-Ming Zhang and Sendong Zhao, "Secure Password-based Remote User Authentication Scheme against Smart Card SecurityBreach", Journal of Networks, Vol. 8, No. 1, PP. 148-155, January 2013.
  12. Whitfield Diffie and Martin E. Hellman, "New Directions in Cryptography", IEEE Transactions on Information Theory, Vol. 22, No. 6, PP. 644-654, November 1976.
  13. P. Kocher, J. Jaffe, and B. Jun, "Differential power analysis", Proceedings of Advances in Cryptology, PP. 388-397, 1999.
  14. T. S. Messerges, E. A. Dabbish and R. H. Sloan, "Examining smart-card security under the threat of power analysis attacks", IEEE Transactions on Computers, Vol. 51, No. 5, PP. 541-552, 2002.
  15. S. K. Sood, A. K. Sarje and K. Singh, "A secure dynamic identity based authentication protocol for multiserver architecture", Journal of Network and Computer Applications, Vol. 34, No. 2, PP. 609-618, 2011.
Index Terms

Computer Science
Information Sciences

Keywords

Attack Authentication Password Smart Card