Security Enhancement for a Low Computation Cost User Authentication Scheme
نویسندگان
چکیده
In 2003, Wu and Chieu proposed a user friendly remote authentication scheme using smart cards. Later, Yang and Wang pointed out that Wu and Chieu’s scheme is vulnerable to the password guessing and forgery attacks. Recently, Lee et al. proposed an improved authentication scheme and claimed that their scheme is secure against forgery attack. However, in this paper, we illustrate that Lee et al.’s scheme is still vulnerable to the forgery attack. We also propose an enhancement of the scheme to resist such that attack.
منابع مشابه
A Smart Card Based Authentication Scheme for Remote User Login and Verification
With the advancement of Internet network technologies, remote user authentication schemes using smart cards have been widely adopted. In order to satisfy the requirements of a remote user authentication scheme, the smart card has become an essential device, one that is widely used because of its low computation cost and expedient portability. To achieve computation efficiency and system securit...
متن کاملSecurity Analysis of Lightweight Authentication Scheme with Key Agreement using Wireless Sensor Network for Agricultural Monitoring System
Wireless sensor networks have many applications in the real world and have been developed in various environments. But the limitations of these networks, including the limitations on the energy and processing power of the sensors, have posed many challenges to researchers. One of the major challenges is the security of these networks, and in particular the issue of authentication in the wireles...
متن کاملA Forgery Attack on A Low Computation Cost User Authentication Scheme
In 2005, Lee-Lin-Chang proposed a low computation cost user authentication scheme for mobile communication. However, the current paper demonstrates the vulnerability of Lee-Lin-Chang’s scheme to a forgery attack, where an attacker can easily masquerade other legal users to access the resources at a remote system and then presents an simple solution to isolate such a problem.
متن کاملA novel remote user authentication and key agreement scheme for mobile client-server environment
Recently, many identity (ID)-based user authentication and key agreement schemes for mobile client-server environment were proposed. However, these schemes are subjected to an inherent design weakness, namely, the server knows all users’ private keys. Under this problem, these schemes cannot provide insider attack resistance or mutual authentication. Furthermore, some of these schemes cannot si...
متن کاملRemote User Authentication Scheme with User Anonymity
This paper proposes a scheme allowing a user to log into the server with a dynamic pseudonym. No one can trace the specified user except the service provider, which protects the user privacy from outsiders in this way. Besides, the scheme provides the following merits: (1) no verification table; (2) mutual authentication; (3) low communication and computation cost; (4) free password change; (5)...
متن کامل