Title :
Security enhancements of smart card-based remote user password authentication scheme with session key agreement
Author_Institution :
Div. of Comput. & Media Inf. Eng., Kangnam Univ., Yongin, South Korea
Abstract :
Smart card-based user authentication schemes have been proposed recently to improve the security drawbacks in user authentication scheme. Li et al., in 2013, proposed an enhanced smart card-based remote user password authentication scheme which can withstand the security drawbacks of Chen et al.´s scheme. In this paper, we show that Li et al.´s scheme is vulnerable to user impersonation attack, server masquerading attack, password guessing attack and does not provide mutual authentication between the user and the server. Also, we propose the enhanced scheme with session key agreement to overcome the security drawbacks of Li et al.´s scheme, even if the secret values stored in the smart card is revealed. As a result, the enhanced scheme is relatively more secure than the related scheme in terms of security.
Keywords :
message authentication; smart cards; password guessing attack; remote user password authentication scheme; security drawback; security enhancement; server masquerading attack; session key agreement; smart card; user impersonation attack; Authentication; Bismuth; Law; Servers; Smart cards; Authentication; Password Guessing Attack; Server Masquerading Attack; Session Key Agreement; User Impersonation Attack;
Conference_Titel :
Advanced Communication Technology (ICACT), 2015 17th International Conference on
Conference_Location :
Seoul
Print_ISBN :
978-8-9968-6504-9
DOI :
10.1109/ICACT.2015.7224880
