M. Hwang, E. F. Cahyadi, Yuen-Cheng Chou, Cheng-Ying Yang
{"title":"Cryptanalysis of Kumar's Remote User Authentication Scheme with Smart Card","authors":"M. Hwang, E. F. Cahyadi, Yuen-Cheng Chou, Cheng-Ying Yang","doi":"10.1109/CIS2018.2018.00099","DOIUrl":null,"url":null,"abstract":"One of the common necessity to have secret communication through Internet is to authenticate the legality of users. The simplest and most popular authentication technique to have secret communication through Internet is remote user authentication scheme. Recently, Kumar proposed an enhanced amart card-based remote user authentication scheme. Their scheme was robust and easy to implement. They claimed that their scheme could against explicit key authentication, replay attack, stolen-verifier attacks, forward secrecy, denial of service attacks, impersonation attacks, mutual authentication, parallel session attack, password guessing attacks, smart card loss attacks, attack via registered identity, and attack via password. In this article, we will show that Kumar's scheme is vulnerable to the off-line guessing password attack. In this article, we also propose an improved Kumar's enhanced smart card-based remote user authentication scheme to withstand the vulnerability in their scheme.","PeriodicalId":185099,"journal":{"name":"2018 14th International Conference on Computational Intelligence and Security (CIS)","volume":"325 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 14th International Conference on Computational Intelligence and Security (CIS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CIS2018.2018.00099","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 3
Abstract
One of the common necessity to have secret communication through Internet is to authenticate the legality of users. The simplest and most popular authentication technique to have secret communication through Internet is remote user authentication scheme. Recently, Kumar proposed an enhanced amart card-based remote user authentication scheme. Their scheme was robust and easy to implement. They claimed that their scheme could against explicit key authentication, replay attack, stolen-verifier attacks, forward secrecy, denial of service attacks, impersonation attacks, mutual authentication, parallel session attack, password guessing attacks, smart card loss attacks, attack via registered identity, and attack via password. In this article, we will show that Kumar's scheme is vulnerable to the off-line guessing password attack. In this article, we also propose an improved Kumar's enhanced smart card-based remote user authentication scheme to withstand the vulnerability in their scheme.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
