Title :
Cryptanalysis and improvement on remote user mutual authentication scheme with smart cards
Author :
Arshad, Razi ; Ikram, Nassar
Author_Institution :
Nat. Univ. of Sci. & Technol., Rawalpindi
Abstract :
Password-based authentication schemes are the most widely used techniques for remote user authentication. Recently, Khan proposed an improvement to Wu-Chieu scheme to prevent the server spoofing attack and to allow the users to update their passwords freely and securely. In this paper, we do a cryptanalysis of khan´s scheme and show that his scheme is vulnerable to the parallel session attack. Furthermore, his scheme is also susceptible to the impersonation attack and the guessing attack provided that the information stored in the smart card is disclosed by an adversary. We also propose a novel and secure remote user mutual authentication scheme which is immune to the presented attacks.
Keywords :
authorisation; cryptography; smart cards; Wu-Chieu scheme; cryptanalysis; guessing attack; impersonation attack; parallel session attack; remote user mutual authentication; server spoofing attack; smart cards; Authentication; Communication channels; Computational efficiency; Information security; Law; Legal factors; Public key; Public key cryptography; Smart cards; Sun; Authentication; Password; Remote; Smart cards;
Conference_Titel :
Advanced Communication Technology, 2009. ICACT 2009. 11th International Conference on
Conference_Location :
Phoenix Park
Print_ISBN :
978-89-5519-138-7
Electronic_ISBN :
1738-9445