Title :
Cryptanalysis of a more secure remote user authentication scheme
Author :
Horng, Wen-Bing ; Lee, Cheng-Ping ; Peng, Jian-Wen
Author_Institution :
Dept. Comput. Sci. & Inf. Eng., Tamkang Univ., Taipei, Taiwan
Abstract :
Recently, Kim and Chung proposed a more secure remote user authentication scheme, which is an improvement over Yoon-Yoo´s scheme to remedy their security flaws, such as leak of password and vulnerabilities to the masquerading user attack, the masquerading server attack, and the stolen-verifier attack. In this paper, we will show that Kim-Chung´s improved scheme is vulnerable to the offline password guessing attack. In addition, the scheme does not possess the feature of secret key forward secrecy as they claimed. Hence, Kim-Chung´s scheme is also subject to the masquerading user attack and the masquerading server attack as well. Moreover, their scheme does not generate session keys for secure communications.
Keywords :
authorisation; computer crime; computer network security; cryptography; smart cards; Kim-Chung scheme; Yoon-Yoo scheme; cryptanalysis; masquerading server attack; password leakage; remote user authentication scheme; secure communication; security flaw; stolen verifier attack; Authentication; Communication channels; Cryptography; Feature extraction; Servers; Smart cards; authentication; network security; smart card;
Conference_Titel :
Computer Symposium (ICS), 2010 International
Conference_Location :
Tainan
Print_ISBN :
978-1-4244-7639-8
DOI :
10.1109/COMPSYM.2010.5685503
