CFP last date
20 January 2025
Reseach Article

Cryptanalysis and an Efficient Secure ID-based Remote User Authentication using Smart Card

by Ruhul Amin
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 75 - Number 13
Year of Publication: 2013
Authors: Ruhul Amin
10.5120/13175-0909

Ruhul Amin . Cryptanalysis and an Efficient Secure ID-based Remote User Authentication using Smart Card. International Journal of Computer Applications. 75, 13 ( August 2013), 43-48. DOI=10.5120/13175-0909

@article{ 10.5120/13175-0909,
author = { Ruhul Amin },
title = { Cryptanalysis and an Efficient Secure ID-based Remote User Authentication using Smart Card },
journal = { International Journal of Computer Applications },
issue_date = { August 2013 },
volume = { 75 },
number = { 13 },
month = { August },
year = { 2013 },
issn = { 0975-8887 },
pages = { 43-48 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume75/number13/13175-0909/ },
doi = { 10.5120/13175-0909 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T21:44:13.837918+05:30
%A Ruhul Amin
%T Cryptanalysis and an Efficient Secure ID-based Remote User Authentication using Smart Card
%J International Journal of Computer Applications
%@ 0975-8887
%V 75
%N 13
%P 43-48
%D 2013
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Remote User authentication protocol is used for verifying the legitimacy of a remote user over insecure network environments. Recently, many secure ID based remote user authentication scheme using smart card have been proposed in the literature. In 2012, Ratan-Sanjay [1] proposed secure ID based remote user authentication scheme using smart card and claimed that their scheme can avoid all types of security flaws and feasible in terms of computation and storage cost. But We have pointed out that their scheme is insecure against user impersonation attack, server masquerading attack, off-line password guessing attack, off-line identity guessing attack, session key recovery attack and smart card stolen attack. So, their scheme can not be used for practical implementation in terms of security. Further, their scheme takes more computation and communication cost than the proposed scheme. To overcome these weakness, we have proposed an efficient secure ID based remote user authentication scheme using smart card based on cryptographic one way hash function. The proposed scheme resists all possible attacks and provides better computation and communication cost than Ratan-Sanjay's [1] scheme published earlier.

References
  1. R. R Ahirwal, S. S. Sonwanshi, "An Efficient and Secure ID-based Remote User Authentication Scheme using Smart Card", International Journal of Applied Information Systems (IJAIS) ISSN : 2249-0868, vol. 1, no. 6, pp. 35-41, February 2012.
  2. Min- Shiang Hwang, Li Hua Li. , "A new remote password authentication scheme using smart card", IEEE Transaction on Consumer Electronics, 46 (1), pp. 28-30, 2000.
  3. J. K. Jan and Y. Y. Chan, "paramita wisdom password authentication scheme without verification tables", The journal of system and software, 42(1), pp. 45-57, 1998.
  4. Chun Ta Li, Cheng Chi Li. , "A password authentication scheme over insecure networks", Journal of computer and system science, vol. 72,No. 4 pp. 727-740, 2006.
  5. L. Lamport, "Password authentication with insecure communication", Communication of the ACM, vol. 24, No 11 pp. 770-772, 2001.
  6. M. L. Das, A. Saxena and V. P. Gulati. , "A Dynamic ID-based remote user authentication scheme", IEEE Transaction on consumer Eleectronice, vol. 50, pp. 629- 631, 2004.
  7. H. Y. Chien and C. H. Chen. , "A remote authentication scheme preserving user anonymity", proc. advanced information networking and application, vol. 2. pp 245-248, march, 2005.
  8. I. E. Liao, Chenge-chi Lee and Min-shiang Hwang. , "Security Enhancement for a Dynamic ID-Based Remote User Authentication Scheme", Proc. Conference on Next Generation Web Services Practice, pp. 437-440, July,2005.
  9. J. Xu, W. T. Zhu and D. G. Feng. , "An improved smart card based password authentication scheme with provable security", Computer Standards and Interfaces, vol. 31, no. 4, pp. 723 728, 2009.
  10. L. I. Hu, X. X. Niu, and Y. X. Yang. , "Weaknesses and improvements of a remote user authentication scheme using smart cards", The Journal of China Universities of Posts and Telecommunications, vol. 14, pp. 91-94, 2007.
  11. R. Song. , "Advanced smart card based password authentication Protocol", Computer Standards and Interfaces, Volume 32, Issue 4, June, PP 321-325, 2010.
  12. W B Horng and Cheng p Lee. , "Security weaknesses of song. s advanced smart card based Password authenticationProtocol", IEEE trans. Computer, vol. 978-4244-6789 1/10,2010.
  13. Eun-Jun Yoon, and Kee-Young Yoo. , "Three Attacks on Jia et al. . s Remote User Authentication Scheme using Bilinear Pairings and ECC", World Academy of Science, Engineering and Technology 60 (JULY 2011).
  14. Z. Jia, Y. Zhang, H. Shao, Y. Lin and J. Wang, "A remote user authentication scheme using bilinear pairings and ECC", Proceeding Of 6th International Conference on Intelligent Systems Design and Applications (ISDA. 06), Vol. 2, Oct. , pp. 1091-1094, 2006.
  15. P. Kocher, J. Jaffe, and B. Jun, "Differential power analysis", Proceedings of Advances in Cryptology, pp. 388-397, 1999.
  16. T. S. Messerges, E. A. Dabbish, and R. H. Sloan, "Examining smart-card security under the threat of power analysis attacks, IEEE Transactions on Computers, vol. 51, no. 5, pp. 541-552, 2002.
  17. S. K. Sood, A. K. Sarje, K. Singh. , "A secure dynamic identity based authentication protocol for multiserver architecture". Journal of Network and Computer Applications, vol. 34, No. 2, 609-618, 2011.
Index Terms

Computer Science
Information Sciences

Keywords

Attack Authentication Password Secure ID Smart Card