scholarly journals A Remote User Authentication Scheme with Anonymity for Mobile Devices

10.5772/50912 ◽  
2012 ◽  
Vol 9 (1) ◽  
pp. 13 ◽  
Author(s):  
Soobok Shin ◽  
Kangseok Kim ◽  
Ki-Hyung Kim ◽  
Hongjin Yeh
Keyword(s):  
Mobile Devices ◽  
Smart Card ◽  
User Authentication ◽  
Mutual Authentication ◽  
User Anonymity ◽  
Authentication Scheme ◽  
Efficient System ◽  
Remote Server ◽  
Remote User Authentication ◽  
Remote User

With the rapid growth of information technologies, mobile devices have been utilized in a variety of services such as e-commerce. When a remote server provides such e-commerce services to a user, it must verify the legitimacy of the user over an insecure communication channel. Therefore, remote user authentication has been widely deployed to verify the legitimacy of remote user login requests using mobile devices like smart cards. In this paper we propose a smart card-based authentication scheme that provides both user anonymity and mutual authentication between a remote server and a user. The proposed authentication scheme is a simple and efficient system applicable to the limited resource and low computing performance of the smart card. The proposed scheme provides not only resilience to potential attacks in the smart card-based authentication scheme, but also secure authentication functions. A smart card performs a simple one-way hash function, the operations of exclusive-or and concatenation in the authentication phase of the proposed scheme. The proposed scheme also provides user anonymity using a dynamic identity and key agreement, and secure password change.

scholarly journals A Robust and Effective Smart-Card-Based Remote User Authentication Mechanism Using Hash Function

2014 ◽  
Vol 2014 ◽  
pp. 1-16 ◽  
Author(s):  
Ashok Kumar Das ◽  
Vanga Odelu ◽  
Adrijit Goswami
Keyword(s):  
Smart Card ◽  
Hash Function ◽  
User Authentication ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Authentication Scheme ◽  
Remote Server ◽  
Remote User Authentication ◽  
User Authentication Scheme ◽  
Remote User

In a remote user authentication scheme, a remote server verifies whether a login user is genuine and trustworthy, and also for mutual authentication purpose a login user validates whether the remote server is genuine and trustworthy. Several remote user authentication schemes using the password, the biometrics, and the smart card have been proposed in the literature. However, most schemes proposed in the literature are either computationally expensive or insecure against several known attacks. In this paper, we aim to propose a new robust and effective password-based remote user authentication scheme using smart card. Our scheme is efficient, because our scheme uses only efficient one-way hash function and bitwise XOR operations. Through the rigorous informal and formal security analysis, we show that our scheme is secure against possible known attacks. We perform the simulation for the formal security analysis using the widely accepted AVISPA (Automated Validation Internet Security Protocols and Applications) tool to ensure that our scheme is secure against passive and active attacks. Furthermore, our scheme supports efficiently the password change phase always locally without contacting the remote server and correctly. In addition, our scheme performs significantly better than other existing schemes in terms of communication, computational overheads, security, and features provided by our scheme.

scholarly journals An Improved Biometrics-Based Remote User Authentication Scheme with User Anonymity

2013 ◽  
Vol 2013 ◽  
pp. 1-9 ◽  
Author(s):  
Muhammad Khurram Khan ◽  
Saru Kumari
Keyword(s):  
User Authentication ◽  
Security Analysis ◽  
User Anonymity ◽  
Authentication Scheme ◽  
Remote User Authentication ◽  
User Authentication Scheme ◽  
Efficiency Comparison ◽  
Remote User ◽  
Mere Addition

The authors review the biometrics-based user authentication scheme proposed by An in 2012. The authors show that there exist loopholes in the scheme which are detrimental for its security. Therefore the authors propose an improved scheme eradicating the flaws of An’s scheme. Then a detailed security analysis of the proposed scheme is presented followed by its efficiency comparison. The proposed scheme not only withstands security problems found in An’s scheme but also provides some extra features with mere addition of only two hash operations. The proposed scheme allows user to freely change his password and also provides user anonymity with untraceability.

Cryptanalysis of a Remote User Authentication Scheme

2013 ◽  
Vol 433-435 ◽  
pp. 1699-1701
Author(s):  
Bang Ju Wang ◽  
Huan Guo Zhang
Keyword(s):  
Smart Card ◽  
User Authentication ◽  
Authentication Scheme ◽  
Password Authentication ◽  
Remote User Authentication ◽  
User Authentication Scheme ◽  
Remote User

Among many user authentications over insecure networks, password authentication is simple, convenient and widely adopted one. Chen and Lee proposed a new hash-based password authentication using smart card and claimed that their scheme could resist seven attacks as listed in their paper. However, in this paper, it is pointed out that Chen-Lee’s scheme is vulnerable to off-line password guessing, replay and impersonation attacks when the smart card is lost or stolen.

Sign in / Sign up

Export Citation Format

Share Document