Title :
Cryptanalysis of a robust and efficient smart card oriented remote user authentication protocol
Author :
Wen-Bing Horng ; Jian-Wen Peng ; Chao-Sheng Liu ; Ying-Ching Chiu
Author_Institution :
Dept. of Comput. Sci. & Inf. Eng., Tamkang Univ., Taipei, Taiwan
Abstract :
Remote user authentication is an important part in electronic commerce to identify legitimate users over the Internet. Recently, Chang et al. proposed a robust and efficient smart card based remote user authentication scheme to provide user anonymity. However, in this paper we will show that Chang et al.´s scheme fails to protect user privacy in terms of anonymity and traceability. In addition, it is vulnerable to the server counterfeit attack and it does not provide perfect forward secrecy for session keys. Furthermore, if the smart card is lost, it will suffer from the offline password guessing attack as well as the user impersonation attack. Hence, the scheme cannot achieve mutual authentication.
Keywords :
Internet; cryptographic protocols; data privacy; electronic commerce; message authentication; smart cards; Internet; cryptanalysis; efficient smart card oriented remote user authentication protocol; electronic commerce; legitimate users; mutual authentication; offline password guessing attack; perfect forward secrecy; robust smart card oriented remote user authentication protocol; server counterfeit attack; session keys; user anonymity; user impersonation attack; user privacy; Authentication; Law; Privacy; Robustness; Servers; Smart cards; authentication; cryptanalysis; security; smart card;
Conference_Titel :
Intelligent Signal Processing and Communications Systems (ISPACS), 2012 International Symposium on
Conference_Location :
New Taipei
Print_ISBN :
978-1-4673-5083-9
Electronic_ISBN :
978-1-4673-5081-5
DOI :
10.1109/ISPACS.2012.6473596
