{"title":"An Enhanced Remote User Authentication Scheme Providing Mutual Authentication and Key Agreement with Smart Cards","authors":"Chun-Ta Li","doi":"10.1109/IAS.2009.17","DOIUrl":null,"url":null,"abstract":"In 2005, Yoon et al. proposed a user-friendly remote user authentication scheme using smart cards. The security of their scheme is based on one-way hash function and they claimed that their scheme is secured from attacks and achievable for proving mutual authentication, freely choosing password, no verification tables, and involving very lightweight hashing operations. However, we find that Yoon et al.’s scheme suffers from the denial of service attack and performs only unilateral authentication (only user authentication). In this paper we consequently propose an enhanced version to eliminate the vulnerability. Furthermore, our enhanced scheme can also provide mutual authentication and key agreement between a remote server and login users.","PeriodicalId":240354,"journal":{"name":"2009 Fifth International Conference on Information Assurance and Security","volume":"9 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-08-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"17","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2009 Fifth International Conference on Information Assurance and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IAS.2009.17","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 17
Abstract
In 2005, Yoon et al. proposed a user-friendly remote user authentication scheme using smart cards. The security of their scheme is based on one-way hash function and they claimed that their scheme is secured from attacks and achievable for proving mutual authentication, freely choosing password, no verification tables, and involving very lightweight hashing operations. However, we find that Yoon et al.’s scheme suffers from the denial of service attack and performs only unilateral authentication (only user authentication). In this paper we consequently propose an enhanced version to eliminate the vulnerability. Furthermore, our enhanced scheme can also provide mutual authentication and key agreement between a remote server and login users.