Title :
Improvement of Wang-Li´s Forward-Secure User Authentication Scheme with Smart Cards
Author :
Horng, Wen-Bing ; Lee, Cheng-Ping
Author_Institution :
Dept. of Comput. Sci. & Inf. Eng., Tamkang Univ., Taipei
Abstract :
Smart card-based applications have been widely used in e-commerce for years. Therefore, many authentication schemes have been proposed to improve security over insecure networks. In 2006, Wang and Li pointed out that Yoon et al.´s remote user authentication scheme with smart cards does not provide the property of perfect forward secrecy; i.e., all previous session keys will be broken if the secret key of the remote server is compromised. They then proposed a new remote user authentication scheme based on the Diffie-Hellman algorithm to provide session key exchange capability with the perfect forward secrecy property. However, in this paper, we will first show that their new scheme is vulnerable to the offline password guessing attack, the parallel session attack, the reflection attack, and the insider attack. Then, we will present an improvement to overcome these weaknesses, while preserving all their merits.
Keywords :
authorisation; message authentication; smart cards; Diffie-Hellman algorithm; e-commerce; forward-secure user authentication; insider attack; offline password guessing attack; parallel session attack; reflection attack; remote user authentication; session key exchange; smart card; Application software; Authentication; Computer science; Design engineering; Forgery; Information security; Intelligent systems; Network servers; Reflection; Smart cards; Cryptanalysis; perfect forward secrecy; remote user authentication; smart card;
Conference_Titel :
Intelligent Systems Design and Applications, 2008. ISDA '08. Eighth International Conference on
Conference_Location :
Kaohsiung
Print_ISBN :
978-0-7695-3382-7
DOI :
10.1109/ISDA.2008.275
