An improved remote user authentication scheme with key agreement

被引：95

作者：

Kumari, Saru ^{[1
]}

Khan, Muhammad Khurram ^{[2
]}

Li, Xiong ^{[3
]}

机构：

[1] Agra Coll, Dept Math, Agra, Uttar Pradesh, India

[2] King Saud Univ, Ctr Excellence Informat Assurance, Riyadh, Saudi Arabia

[3] Hunan Univ Sci & Technol, Sch Comp Sci & Engn, Xiangtan 411201, Peoples R China

来源：

COMPUTERS & ELECTRICAL ENGINEERING | 2014年 / 40卷 / 06期

基金：

中国国家自然科学基金;

关键词：

PASSWORD AUTHENTICATION; SECURITY ENHANCEMENT; EFFICIENT; CRYPTANALYSIS;

D O I：

10.1016/j.compeleceng.2014.05.007

中图分类号：

TP3 [计算技术、计算机技术];

学科分类号：

0812 ;

摘要：

In distributed systems, user authentication schemes based on password and smart card are widely used to ensure only authorized access to the protected services. Recently, Chang et al. presented an untraceable dynamic-identity-based user authentication scheme with verifiable-password-update. In this research, we illustrate that Chang et al.'s scheme violates the purpose of dynamic-identity contrary to authors' claim. We show that once the smart card of an arbitrary user is lost, passwords of all registered users are at risk. Using information from an arbitrary smart card, an adversary can impersonate any user of the system. In addition, its password change phase has loopholes and is misguiding. The scheme has no provision for session key agreement and the smart card lacks any verification mechanism. Then we come-up with an improved remote user authentication scheme with the session key agreement, and show its robustness over related schemes. (C) 2014 Elsevier Ltd. All rights reserved.

引用

页码：1997 / 2012

页数：16

共 50 条

[1] Security Enhancement of an Improved Remote User Authentication Scheme with Key Agreement
Sonam Devgan Kaul
Amit K. Awasthi
[J]. Wireless Personal Communications, 2016, 89 : 621 - 637
[2] Security Enhancement of an Improved Remote User Authentication Scheme with Key Agreement
Kaul, Sonam Devgan
Awasthi, Amit K.
[J]. WIRELESS PERSONAL COMMUNICATIONS, 2016, 89 (02) : 621 - 637
[3] Cryptanalysis of Remote User Authentication Scheme with key agreement
Madhusudan, R.
Valiveti, Annapurna
[J]. 2015 2ND INTERNATIONAL CONFERENCE ON COMPUTER, COMMUNICATIONS, AND CONTROL TECHNOLOGY (I4CT), 2015,
[4] Improved Biometrics-Based Remote User Authentication Scheme with Session Key Agreement
An, Younghwa
[J]. COMPUTER APPLICATIONS FOR GRAPHICS, GRID COMPUTING, AND INDUSTRIAL ENVIRONMENT, 2012, 351 : 307 - 315
[5] An improved dynamic ID-based remote user authentication with key agreement scheme
Wen, Fengtong
Li, Xuelei
[J]. COMPUTERS & ELECTRICAL ENGINEERING, 2012, 38 (02) : 381 - 387
[6] An Improved Anonymous Remote user Authentication Scheme with Key Agreement based on Dynamic Identity
Shi, Yajuan
Shen, Han
Zhang, Yuanyuan
Chen, Jianhua
[J]. INTERNATIONAL JOURNAL OF SECURITY AND ITS APPLICATIONS, 2015, 9 (05): : 255 - 268
[7] An Improved Dynamic ID-Based Remote User Authentication with Key Agreement Scheme
Qu, Juan
Zou, Li-Min
[J]. JOURNAL OF ELECTRICAL AND COMPUTER ENGINEERING, 2013, 2013
[8] An Improved User Authentication and Key Agreement Scheme Providing User Anonymity
Ya-Fen Chang and Pei-Yu Chang Department of Computer Science and Information Engineering
[J]. Journal of Electronic Science and Technology, 2011, 9 (04) : 352 - 358
[9] A Modified Remote User Authentication and Key Agreement Scheme Using Smart Cards
Zhang, Lijiang
Wei, Puwen
[J]. 2008 ISECS INTERNATIONAL COLLOQUIUM ON COMPUTING, COMMUNICATION, CONTROL, AND MANAGEMENT, VOL 1, PROCEEDINGS, 2008, : 419 - 423
[10] Secure Remote User Mutual Authentication Scheme with Key Agreement for Cloud Environment
Marimuthu Karuppiah
Ashok Kumar Das
Xiong Li
Saru Kumari
Fan Wu
Shehzad Ashraf Chaudhry
R. Niranchana
[J]. Mobile Networks and Applications, 2019, 24 : 1046 - 1062

← 1 2 3 4 5 →