Using IC cards to remotely login passwords without verification tables

Author

Wang, Ching-Te ; Chang, Chin-Chen ; Lin, Chu-Hsing

Author_Institution

Gen. Educ. Center, Nat. Chin-Yi Inst. of Technol., Taichung, Taiwan

Volume

1

fYear

2004

fDate

2004

Firstpage

321

Abstract

A new remote password authentication scheme based on IC cards is proposed in this paper. By using the scheme, a remote password can be authenticated without either a password file or a verification table. A user first applies for an account in the financial organization and then uses the given IC card to login. In the login phase, a user inputs the identity and password, transmits the generated values to the center. In the authentication phase, the system uses the secret key and remotely submitted message to verify whether the request is legal or not. A one-time-used random number and a timestamp are supplied to protect the potential attacks, which may replay a previously intercepted login request. Further, by using the characteristics of IC cards, the proposed scheme is very suitable for authenticating passwords remotely.

Keywords

authorisation; cryptography; message authentication; smart cards; IC card; discrete logarithms; one-way function; password authentication; password file; remote login password; timestamp; verification table; Authentication; Computer science; Computer science education; Costs; Educational technology; Human computer interaction; Law; Legal factors; Privacy; Protection;

fLanguage

English

Publisher

ieee

Conference_Titel

Advanced Information Networking and Applications, 2004. AINA 2004. 18th International Conference on

Print_ISBN

0-7695-2051-0

Type

conf

DOI

10.1109/AINA.2004.1283931

Filename

1283931