Title :
Security Analysis of `An Improved Low Computation Cost User Authentication Scheme for Mobile Communication´
Author :
Muhammad Khurram Khan ; Zhang, Jiashu
Author_Institution :
Res. Group for Biometrics & Security, Southwest Jiaotong Univ., Chengdu
Abstract :
Recently, Lee et al. proposed `an improved low computation cost user authentication scheme for mobile communication´. We demonstrate that their scheme is vulnerable and susceptible to the attacks and can be easily cryptanalyzed. We point out that their scheme performs unilateral authentication (only client authentication) and there is no mutual authentication between user and remote system, so their scheme suscepts from the server spoofing attack. Furthermore, an adversary can impersonate legitimate users by copying data of their stolen or lost smart card. Moreover, Lee et al.´s scheme is poorly reparable, which makes their method infeasible to implement
Keywords :
authorisation; client-server systems; message authentication; mobile communication; telecommunication security; client authentication; low computation cost user authentication scheme; mobile communication; security analysis; server spoofing attack; unilateral authentication; Authentication; Biometrics; Computational efficiency; Forgery; Information analysis; Information processing; Information security; Mobile communication; Mobile computing; Smart cards;
Conference_Titel :
9th International Multitopic Conference, IEEE INMIC 2005
Conference_Location :
Karachi
Print_ISBN :
0-7803-9429-1
Electronic_ISBN :
0-7803-9430-5
DOI :
10.1109/INMIC.2005.334490
