Commenced in January 2007
Paper Count: 31742
Security Weaknesses of Dynamic ID-based Remote User Authentication Protocol
Abstract:Recently, with the appearance of smart cards, many user authentication protocols using smart card have been proposed to mitigate the vulnerabilities in user authentication process. In 2004, Das et al. proposed a ID-based user authentication protocol that is secure against ID-theft and replay attack using smart card. In 2009, Wang et al. showed that Das et al.-s protocol is not secure to randomly chosen password attack and impersonation attack, and proposed an improved protocol. Their protocol provided mutual authentication and efficient password management. In this paper, we analyze the security weaknesses and point out the vulnerabilities of Wang et al.-s protocol.
Digital Object Identifier (DOI): doi.org/10.5281/zenodo.1329787Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1591
 L. Lamport, "Password authentication with insecure communication," Communications of the ACM, vol 24, pp 770-772, 1981
 M.S. Hwang, L.H. Li, "A new remote user authentication scheme using smart cards," IEEE Transactions on Consumer Electronics 46 , pp28-.30, 2000
 ML Das, A Saxena, VP Gulati, "A dynamic ID-based remote user authentication scheme," IEEE Transactions on Consumer Electronics 2004, volume 50, Issue 2, pp. 629-631, 2004.
 Y Wang, J Liu, F Xiao, J Dan, "A more efficient and secure dynamic ID-based remote user authentication scheme," Computer Communications 32, Volume 32, Issue 4, 2009, pp 583-585
 H.M. Sun,"An efficient remote user authentication scheme using smartcards," IEEE Transactions on Consumer Electronics 46, pp 958-961. 2000
 YP Liao, SS Wang, "A secure dynamic ID based remote user authentication scheme for multi-server environment," Computer Standards & Interfaces, Volume 31, Issue 1, pp 24-29, 2009
 HC Hsiang, WK Shih, "improvement of the secure dynamic id based remote user authentication scheme for multi-server environment,"Computer Standards & Interfaces 31, Issue 6, 2008, pp 1118-1123, 2008
 T.S. Messergers, E.A. Dabbish, R.H. Sloan, "Examining smart card security under the threat of power analysis attacks," IEEE Trans. Comput. 51, pp 541-.552. 2002