A New Dynamic ID-Based Remote User Authentication Scheme with Forward Secrecy
نویسندگان
چکیده
Forward secrecy is one of the important properties of remote user authentication schemes to limit the effects of eventual failure of the entire system when the long-term private keys of one or more parties are compromised. Recently, Tsai et al. showed that Wang et al.’s dynamic ID-based remote user authentication scheme fails to achieve user anonymity and is vulnerable to user impersonation attack, and proposed an enhanced version to overcome all the identified flaws. In this paper, however, we will point out that, Tsai et al.’s scheme still suffers from the denial of service attack and cannot provide forward secrecy. To remedy these security flaws, we propose an enhanced authentication scheme, which covers all the identified weaknesses of Tsai et al.’s scheme and is more suitable for mobile application scenarios where resource constrained and security concerned.
منابع مشابه
Cryptanalysis of Sun and Cao's Remote Authentication Scheme with User Anonymity
Dynamic ID-based remote user authentication schemes ensure efficient and anonymous mutual authentication between entities. In 2013, Khan et al. proposed an improved dynamic ID-based authentication scheme to overcome the security flaws of Wang et al.’s authentication scheme. Recently, Sun and Cao showed that Khan et al. does not satisfies the claim of the user’s privacy. Moreover, They proposed ...
متن کاملCryptanalysis of Two Dynamic ID-Based Remote User Authentication Schemes for Preserving User Privacy
Remote user authentication is an essential part in electronic commerce to identify legitimate users over the Internet. However, how to protect user privacy in the authentication has become an important issue recently. Therefore, many secure authentication schemes with smart cards have been proposed. In this paper, we will analyze the security weaknesses of two recently proposed authentication s...
متن کاملA New Remote User Authentication Scheme Using Smart Cards with Forward Secrecy
Hwang and Li proposed the first remote user authentication scheme using smart cards to solve the problems of Lamport scheme. Unfortunately, Hwang and Li’s scheme has some security weaknesses. First, ChanChang, ShenLinHwang and then Chang-Hwang pointed out some attacks on Hwang – Li’s scheme. This paper presents a new remote user authentication scheme with forward secrecy, which provides forward...
متن کاملAdvanced Secure Remote User Authentication Scheme Preserving User Anonymity
To ensure secure transmission of data and to authenticate remote user while accessing server resources, smart card based remote user authentication schemes have been widely adopted. In 2004, Das et al proposed first of its kind of protocol for remote user authentication with smart cards using Dynamic Id to protect user anonymity. In 2005, Chien et al pointed out that Das et al scheme failed to ...
متن کاملAn Improved Anonymous Remote user Authentication Scheme with Key Agreement based on Dynamic Identity
To keep the pace with the development of internet technology, remote user authentication techniques become more and more important to protect user’s privacy. Recently, Kumari, et al., presented an improved remote user authentication scheme with key agreement based on dynamic-identity using smart card. This scheme allows legal users to change the password at his will without the need to connect ...
متن کامل