Card image

Scholarly

Volume:3, Issue: 11, 2009 Page No: 1919 - 1922

International Journal of Electrical, Electronic and Communication Sciences

ISSN: 2517-9438

1237 Downloads
Abstract Full Text Download References Share Add to Favorites
DOI:10.5281/zenodo.1329787 BibTeX JSON

Security Weaknesses of Dynamic ID-based Remote User Authentication Protocol

Recently, with the appearance of smart cards, many user authentication protocols using smart card have been proposed to mitigate the vulnerabilities in user authentication process. In 2004, Das et al. proposed a ID-based user authentication protocol that is secure against ID-theft and replay attack using smart card. In 2009, Wang et al. showed that Das et al.-s protocol is not secure to randomly chosen password attack and impersonation attack, and proposed an improved protocol. Their protocol provided mutual authentication and efficient password management. In this paper, we analyze the security weaknesses and point out the vulnerabilities of Wang et al.-s protocol.
Authors:
Keywords:
References:
[1] L. Lamport, "Password authentication with insecure communication,"
Communications of the ACM, vol 24, pp 770-772, 1981
[2] M.S. Hwang, L.H. Li, "A new remote user authentication scheme using
smart cards," IEEE Transactions on Consumer Electronics 46 , pp28-.30, 2000
[3] ML Das, A Saxena, VP Gulati, "A dynamic ID-based remote user
authentication scheme," IEEE Transactions on Consumer Electronics 2004,
volume 50, Issue 2, pp. 629-631, 2004.
[4] Y Wang, J Liu, F Xiao, J Dan, "A more efficient and secure dynamic
ID-based remote user authentication scheme," Computer Communications 32,
Volume 32, Issue 4, 2009, pp 583-585
[5] H.M. Sun,"An efficient remote user authentication scheme using
smartcards," IEEE Transactions on Consumer Electronics 46, pp 958-961.
2000
[6] YP Liao, SS Wang, "A secure dynamic ID based remote user authentication
scheme for multi-server environment," Computer Standards & Interfaces,
Volume 31, Issue 1, pp 24-29, 2009
[7] HC Hsiang, WK Shih, "improvement of the secure dynamic id based remote
user authentication scheme for multi-server environment,"Computer Standards
& Interfaces 31, Issue 6, 2008, pp 1118-1123, 2008
[8] T.S. Messergers, E.A. Dabbish, R.H. Sloan, "Examining smart card security
under the threat of power analysis attacks," IEEE Trans. Comput. 51, pp
541-.552. 2002