Enhanced Smartcard based Multi-Server Authentication Scheme
نویسندگان
چکیده
Generally, if a user wants to use numerous different network services, he/she must register himself/herself to every service providing server. It is not easy task for users to remember these different identities and passwords for each server. To solve the problem, various multiserver authentication schemes have been proposed. Recently, Wang et al. proposed a smartcard based multi-server authentication scheme. They claimed that their scheme is secure against impersonation attack, server spoofing attack and offline dictionary attack, and provides forward secrecy. However, through careful analysis, we find that Wang et al.’s scheme is still vulnerable to password guessing attack with stolen smartcard. Furthermore, we propose an enhanced smartcard based multi-server authentication scheme to cope with the security problem in Wang et al.’s scheme. The proposed scheme is suitable for use in distributed multi-server architecture since it provides mutual authentication, efficiency and security.
منابع مشابه
Enhanced smartcard-based password-authenticated key agreement using extended chaotic maps
A smartcard based password-authenticated key agreement scheme enables a legal user to log in to a remote authentication server and access remote services through public networks using a weak password and a smart card. Lin recently presented an improved chaotic maps-based password-authenticated key agreement scheme that used smartcards to eliminate the weaknesses of the scheme of Guo and Chang, ...
متن کاملAdvanced Secure User Authentication Framework for Cloud Computing
Cloud Computing, as an emerging, virtual, large-scale distributed computing model, has gained increasing attention these years. Meanwhile it also faces many security challenges, one of which is authentication. Lots of researches have been done in this area. Recently, Choudhury et al proposed a user authentication framework to ensure user legitimacy before entering into the cloud. They claimed t...
متن کاملAn Enhanced Biometric-Based Three Factors User Authentication Scheme for Multi-server Environments
Authentication is an important and basic security service for many network based applications, which allows the registered user access remote services after the validity of his/her identity is verified by the remote server. Password, smart card and biometric are three frequently used factors in authentication, and some remote user authentication schemes for different environments had been prese...
متن کاملClient-Server Multi-Factor Authentication Using Pairings
What would be the ideal attributes of a client-server authentication scheme? One might like an identity based scheme not requiring PKI, plus support for multi-factor authentication based on a token, a PIN number, and optionally a biometric. The former might hold a high-entropy secret, and the latter may be represented as relatively lowentropy parameters. However it would be preferred if the tok...
متن کاملCryptanalysis on Improved Remote User Authentication Scheme Preserving User Anonymity
* Corresponding author Summary Even though user anonymity is an important issue in many ecommerce applications, most of smartcard-based remote authentication schemes did not considered user identities protection while authenticating the users. In 2004, Das et al. proposed a remote authentication scheme by preserving the users' anonymity. Their scheme adopted dynamic identification to achieve th...
متن کامل