Improvement of a security enhanced one-time two-factor authentication and key agreement scheme

被引:14
|
作者
Xie, Qi [1 ]
机构
[1] Hangzhou Normal Univ, Sch Informat Sci & Engn, Hangzhou 310036, Zhejiang, Peoples R China
来源
SCIENTIA IRANICA | 2012年 / 19卷 / 06期
基金
中国国家自然科学基金;
关键词
Authentication; Key exchange; Password; Smart card; One-time; Two-factor; REMOTE MUTUAL AUTHENTICATION; PASSWORD AUTHENTICATION; EFFICIENT; WEAKNESSES;
D O I
10.1016/j.scient.2012.02.029
中图分类号
T [工业技术];
学科分类号
08 ;
摘要
In 2010, Holbl et al. showed that Shieh et al.'s mutual authentication and key agreement scheme is vulnerable to the smart card lost attack, not achieving perfect forward secrecy, and proposed a security enhanced scheme to eliminate these weaknesses. In this paper, we show that Holbl et al.'s security enhancement is still vulnerable to the smart card lost attacks. In addition, their scheme cannot resist impersonation attacks and parallel session attacks. Seeing that the existing mutual authentication schemes using smart cards are almost vulnerable to the smart card lost attacks, we further propose a new one-time two-factor mutual authentication and key agreement scheme to eliminate these weaknesses. (C) 2012 Sharif University of Technology. Production and hosting by Elsevier B.V. All rights reserved.
引用
收藏
页码:1856 / 1860
页数:5
相关论文
共 50 条
  • [1] On the Security of a Two-Factor Authentication and Key Agreement Scheme for Telecare Medicine Information Systems
    Hamed Arshad
    Vahid Teymoori
    Morteza Nikooghadam
    Hassan Abbassi
    Journal of Medical Systems, 2015, 39
  • [2] On the Security of a Two-Factor Authentication and Key Agreement Scheme for Telecare Medicine Information Systems
    Arshad, Hamed
    Teymoori, Vahid
    Nikooghadam, Morteza
    Abbassi, Hassan
    JOURNAL OF MEDICAL SYSTEMS, 2015, 39 (08)
  • [3] On the Security of a Two-Factor Authentication Scheme
    Catuogno, Luigi
    Galdi, Clemente
    INFORMATION SECURITY THEORY AND PRACTICES: SECURITY AND PRIVACY OF PERVASIVE SYSTEMS AND SMART DEVICES, 2010, 6033 : 245 - +
  • [4] A Secured Two-Factor Authentication Protocol for One-Time Money Account
    Sarang, Devidas
    Shekokar, Narendra
    PROCEEDINGS OF INTERNATIONAL CONFERENCE ON WIRELESS COMMUNICATION, ICWICOM 2017, 2018, 19 : 29 - 38
  • [5] Cryptanalysis and security enhancement of a robust two-factor authentication and key agreement protocol
    Xie, Qi
    Dong, Na
    Wong, Duncan S.
    Hu, Bin
    INTERNATIONAL JOURNAL OF COMMUNICATION SYSTEMS, 2016, 29 (03) : 478 - 487
  • [6] A Secure Two-Factor Remote User Authentication and Session Key Agreement Scheme
    Chandrakar, Preeti
    Om, Hari
    INTERNATIONAL JOURNAL OF BUSINESS DATA COMMUNICATIONS AND NETWORKING, 2016, 12 (02) : 62 - 79
  • [7] An Enhanced Anonymous Two-factor Mutual Authentication with Key-agreement Scheme for Session Initiation Protocol
    Reddy, Alavalapati Goutham
    Yoon, Eun-Jun
    Das, Ashok Kumar
    Yoo, Kee-Young
    SECURITY OF INFORMATION AND NETWORKS (SIN'16), 2016, : 144 - 148
  • [8] Mobile one-time passwords: two-factor authentication using mobile phones
    Eldefrawy, Mohamed Hamdy
    Khan, Muhammad Khurram
    Alghathbar, Khaled
    Kim, Tai-Hoon
    Elkamchouchi, Hassan
    SECURITY AND COMMUNICATION NETWORKS, 2012, 5 (05) : 508 - 516
  • [9] One-Time Password Generation and Two-Factor Authentication Using Molecules and Light
    Naren, Gaowa
    Li, Shiming
    Andreasson, Joakim
    CHEMPHYSCHEM, 2017, 18 (13) : 1726 - 1729
  • [10] On the security and improvement of a two-factor user authentication scheme in wireless sensor networks
    Da-Zhi Sun
    Jian-Xin Li
    Zhi-Yong Feng
    Zhen-Fu Cao
    Guang-Quan Xu
    Personal and Ubiquitous Computing, 2013, 17 : 895 - 905
12345