Title :
Security weaknesses of song´s advanced smart card based password authentication protocol
Author :
Horng, Wen-Bing ; Lee, Cheng-Ping ; Peng, Jian-Wen
Author_Institution :
Dept. Comput. Sci. & Inf. Eng., Tamkang Univ., Taipei, Taiwan
Abstract :
Password based authentication with smart cards has been adopted as a more secure means in insecure networks to validate the legitimacy of users. Traditional authentication schemes are based on the tamper-resistant smart card; that is, the data stored in the smart card cannot be revealed. However, it is a challenging problem for considering non-tamper-resistant smart cards used in user authentication. Very recently, in 2010, Song proposed an efficient authentication scheme with such non-tamper resistant smart cards based on symmetric key cryptosystems as well as modular exponentiations. In this paper, we will show that Song´s scheme is vulnerable to the offline password guessing attack and the insider attack. Besides, this scheme does not provide perfect forward secrecy and does not preserve user anonymity.
Keywords :
authorisation; cryptographic protocols; smart cards; advanced smart card; password authentication protocol; symmetric key cryptosystems; tamper resistant smart card; Cryptography; network security; password based authentication; smart card;
Conference_Titel :
Progress in Informatics and Computing (PIC), 2010 IEEE International Conference on
Conference_Location :
Shanghai
Print_ISBN :
978-1-4244-6788-4
DOI :
10.1109/PIC.2010.5687579
