Efficient Two-Factor Authentication Protocol Using Password and Smart Card
نویسنده
چکیده
Two-factor authentication using password and smart card could reduce the risk than the use of a password alone. Recently, Chen et al. proposed a two-factor remote user authentication protocol using password and smart card and provide the criteria of authentication protocols. They claimed their protocol is secure against certain known attacks. In this paper, the authors showed that Chen et al.’s scheme is still vulnerable to the off-line password guessing attack, privileged administrator attack, key control attack and lacks of forward security. To solve these security problems, we propose an efficient two-factor authentication and key agreement protocol..
منابع مشابه
Provably Secure and Efficient Three-Factor Authenticated Key Agreement Scheme with Untraceability
Authentication and key agreement protocol is indispensable for today network applications. Many two-factor authentication and key agreement protocols using smart card and password have been proposed over the last decade. However, many of these schemes are vulnerable to password guessing attack due to low-entropy passwords. In this paper, we show how to mount an offline password guessing attack ...
متن کاملTwo - factor Authentication Schemes Based Smart Card and Password with User Anonymity ⋆
Two-factor anonymous authentication using password and smart card could preserve user privacy and reduce the risk than the use of a single authentication factor. Recently, Chang et al. pointed some security weaknesses in Wang et al.’s anonymous authentication scheme and proposed enhanced scheme. They claimed that their scheme provides desired security properties. However, we show that Chang et ...
متن کاملAn Efficient and Secure ID-based Remote User Authentication Scheme using Smart Card
The User Authentication mechanism technology has enjoyed strong growth in recent year, but security threats and facing attacks in authentication have grown equally fast. Today, there are many potential attacks that are targeted at authentication including insider attack, masquerade attack, server spoofing attack, parallel session attack, offline password guessing attack and many more. Recently,...
متن کاملSecurity Weaknesses of Dynamic ID-based Remote User Authentication Protocol
Recently, with the appearance of smart cards, many user authentication protocols using smart card have been proposed to mitigate the vulnerabilities in user authentication process. In 2004, Das et al. proposed a ID-based user authentication protocol that is secure against ID-theft and replay attack using smart card. In 2009, Wang et al. showed that Das et al.’s protocol is not secure to randoml...
متن کاملBiometrics based authentication scheme for session initiation protocol
Many two-factor challenge-response based session initiation protocol (SIP) has been proposed, but most of them are vulnerable to smart card stolen attacks and password guessing attacks. In this paper, we propose a novel three-factor SIP authentication scheme using biometrics, password and smart card, and utilize the pi calculus-based formal verification tool ProVerif to prove that the proposed ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- JCP
دوره 8 شماره
صفحات -
تاریخ انتشار 2013