Title :
On security of a more efficient and secure dynamic ID-based remote user authentication scheme
Author :
Lee, Cheng-Chi ; Li, Chun-Ta ; Chen, Chin-Ling ; Chang, Rui-Xiang
Author_Institution :
Dept. of Libr. & Inf. Sci., Fu Jen Catholic Univ., Taipei, Taiwan
fDate :
Nov. 29 2010-Dec. 1 2010
Abstract :
Recently, Wang et al. showed that Das et al.´s dynamic ID-based remote user authentication scheme is vulnerable to an impersonation attack and can not achieve mutual authentication. Consequently, a more efficient and secure dynamic ID-based remote user authentication scheme was proposed and claimed that it was now secure and of practical value. However, in this paper, we will show that Wang et al.´s scheme is still vulnerable to off-line password guessing attacks, where the adversary can off-line guess a legal user´s password from eavesdropping. Moreover, the dynamic ID feature of their scheme can not be achieved and the adversary is able to determine who was communicating with the remote server. Finally, the process of Wang et al.´s scheme is inconvenient for the user Ui due to any user who picks up Ui´s smart card can easily change the original password and Ui has no choice for choosing his/her password in the registration phase.
Keywords :
authorisation; computer network security; network servers; smart cards; network security; password guessing attacks; remote server; secure dynamic ID; smart card; user authentication; user password; Dynamic ID; Network security; Password; Smart cards; User authentication;
Conference_Titel :
Intelligent Systems Design and Applications (ISDA), 2010 10th International Conference on
Conference_Location :
Cairo
Print_ISBN :
978-1-4244-8134-7
DOI :
10.1109/ISDA.2010.5687101
