多服务器架构下健壮智能卡认证方案的密码分析

2014 International Symposium on Biometrics and Security Technologies (ISBAST) Pub Date : 2014-08-01 DOI:10.1109/ISBAST.2014.7013106

Xiong Li, M. Khan, S. Kumari, Junguo Liao, W. Liang

{"title":"多服务器架构下健壮智能卡认证方案的密码分析","authors":"Xiong Li, M. Khan, S. Kumari, Junguo Liao, W. Liang","doi":"10.1109/ISBAST.2014.7013106","DOIUrl":null,"url":null,"abstract":"User authentication is an important security issue for network based services. Multi-server authentication scheme resolves the repeated registration problem of single-server authentication scenario where the user has to register at different servers to access different types of network services. Recently, Pippal et al. proposed a smart card authentication scheme for multi-server architecture. They claimed that their scheme has some advantages and can resist kinds of attacks. In this paper, we analyze the weaknesses of Pippal et al.'s scheme, and point out that their scheme cannot provide correct authentication, cannot resist impersonation attack, stolen smart card attack, and insider attack. Besides, their scheme is non-extensible when a new server added into the system.","PeriodicalId":292333,"journal":{"name":"2014 International Symposium on Biometrics and Security Technologies (ISBAST)","volume":"54 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"Cryptanalysis of a robust smart card authentication scheme for multi-server architecture\",\"authors\":\"Xiong Li, M. Khan, S. Kumari, Junguo Liao, W. Liang\",\"doi\":\"10.1109/ISBAST.2014.7013106\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"User authentication is an important security issue for network based services. Multi-server authentication scheme resolves the repeated registration problem of single-server authentication scenario where the user has to register at different servers to access different types of network services. Recently, Pippal et al. proposed a smart card authentication scheme for multi-server architecture. They claimed that their scheme has some advantages and can resist kinds of attacks. In this paper, we analyze the weaknesses of Pippal et al.'s scheme, and point out that their scheme cannot provide correct authentication, cannot resist impersonation attack, stolen smart card attack, and insider attack. Besides, their scheme is non-extensible when a new server added into the system.\",\"PeriodicalId\":292333,\"journal\":{\"name\":\"2014 International Symposium on Biometrics and Security Technologies (ISBAST)\",\"volume\":\"54 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-08-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2014 International Symposium on Biometrics and Security Technologies (ISBAST)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISBAST.2014.7013106\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2014 International Symposium on Biometrics and Security Technologies (ISBAST)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISBAST.2014.7013106","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 5

摘要

用户身份验证是基于网络的服务的一个重要安全问题。多服务器认证方案解决了单服务器认证场景下用户需要在不同的服务器上注册才能访问不同类型的网络服务的重复注册问题。最近，Pippal等人提出了一种多服务器架构的智能卡认证方案。他们声称他们的方案有一些优点，可以抵抗各种攻击。本文分析了Pippal等人的方案的缺点，指出其方案不能提供正确的身份验证，不能抵抗冒充攻击、被盗智能卡攻击和内部攻击。此外，当向系统中添加新服务器时，它们的方案是不可扩展的。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

Cryptanalysis of a robust smart card authentication scheme for multi-server architecture

User authentication is an important security issue for network based services. Multi-server authentication scheme resolves the repeated registration problem of single-server authentication scenario where the user has to register at different servers to access different types of network services. Recently, Pippal et al. proposed a smart card authentication scheme for multi-server architecture. They claimed that their scheme has some advantages and can resist kinds of attacks. In this paper, we analyze the weaknesses of Pippal et al.'s scheme, and point out that their scheme cannot provide correct authentication, cannot resist impersonation attack, stolen smart card attack, and insider attack. Besides, their scheme is non-extensible when a new server added into the system.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2014 International Symposium on Biometrics and Security Technologies (ISBAST)

自引率

0.00%

发文量

期刊最新文献

Improved skin detection based on dynamic threshold using multi-colour space Signature-Based Anomaly intrusion detection using Integrated data mining classifiers Distributed Denial of Service detection using hybrid machine learning technique Survey of anti-phishing tools with detection capabilities Effective mining on large databases for intrusion detection