Title :
Security analysis of smart card based password authentication schemes
Author :
Kim, Hyun-Seok ; Seo, Suk ; Choi, Jin-Young
Author_Institution :
Coll. of Comput. & Commun. Eng., Korea Univ., Seoul, South Korea
Abstract :
In the last few years, researchers have extensively studied the key exchange protocol. In 2007, Kwon et al. proposed a simple three-step key exchange protocol using smart card. In 2008, Chen and Lee proposed a secure and efficient user authentication scheme using smart card that is modified to enhance the security of the series of the Peyravian-Zunic scheme. The current paper demonstrates the vulnerability of Kwon et al.´s protocol regarding off-line password guessing attack and forgery attack. Also, we show that Chen and Lee´s scheme is still vulnerable to the off-line password guessing attack and has the non-reparability. In this paper, in addition, after analyzing the two protocols, we propose each of countermeasure against our attacks.
Keywords :
Authentication; Computer security; Cryptography; Dictionaries; Educational institutions; Entropy; Forgery; Protocols; Public key; Smart cards; Forgery attack; Key exchange protocol; Non-reparability; Off-line password guessing attack; Password-based authentication;
Conference_Titel :
Information Sciences and Interaction Sciences (ICIS), 2010 3rd International Conference on
Conference_Location :
Chengdu, China
Print_ISBN :
978-1-4244-7384-7
Electronic_ISBN :
978-1-4244-7386-1
DOI :
10.1109/ICICIS.2010.5534807