Title :
Integrating access control with user authentication using smart cards
Author_Institution :
Appl. Eng. Dept., Southern Taiwan Univ. of Technol., Tainan, Taiwan
fDate :
11/1/2000 12:00:00 AM
Abstract :
Jan and Tseng (see IEE Proc. Comput. Digit. Tech., vol.145, no.6, p.419-24, 1998) proposed two integrated schemes of user authentication and access control which can be used to implement a protection system in distributed computer systems. However, Lee (2000) showed that both schemes were insecure. Although Lee modified Jan-Tseng´s second scheme to withstand the proposed attacks, how to repair Jan-Tseng´s first scheme to prevent Lee´s attacks is still unknown. Thus, this paper proposes an improvement of Jan-Tseng´s first scheme using smart cards to withstand Lee´s attacks and the replay attack. The security of the proposed scheme is based on the difficulty of solving discrete logarithms. The proposed scheme holds the following advantages (1) servers do not need to keep any secret information about the system or the users; and (2) the updating processes for the modification of access rights are very efficient
Keywords :
cryptography; message authentication; smart cards; telecommunication security; Lee´s attacks; access control; access rights modification; cryptography; discrete logarithms; distributed computer systems; efficient updating processes; protection system; replay attack; security; servers; smart cards; user authentication; Access control; Authentication; Control systems; Cryptography; Distributed computing; Information security; Permission; Protection; Smart cards; Vents;
Journal_Title :
Consumer Electronics, IEEE Transactions on
