A More Efficient and Secure Untraceable Remote User Password Authentication Scheme Using Smart Card with Session Key Agreement

To secure the data using smart card it is very essential to authenticate the user password and provide session key agreement over the unreliable networks. To check the authenticity or validity of the remote users, smart cards based on password authentication is the best mechanism to solve this problem. There are various password authentication mechanisms proposed by different researchers have its own merits and demerits. In this proposed scheme, a more efficient and secure untraceable remote user password authentication scheme using smart card with session key agreement, we compared other password authentication schemes based on smart card and found that the proposed scheme have various security features which are not present in other schemes. The various security features include as: (1) Verifier table is not required; (2) identity of the user can not be trace out; (3) smart card having inbuilt verification mechanism; (4) facility of mutual authentication on both sides user/server is present; (5) facility of session key between user/server is present; (6) provide quick wrong password detection; (7) provide secure password select/update facility; (8) provide forward secrecy; (9) the storage cost/operational cost/authentication cost are minimum; (10) privacy of the user can be protected; (11) timestamp at every phase of authentication is required; (12) in the situation of damage/misplace of smart card, server can reissue the same without altering the identity.