A Novel Dynamic ID-Based Remote User Authentication Scheme

Author

Misbahuddin, Md ; Ahmed, Md Aijaz ; Rao, A. Ananda ; Bindu, C. Shoba ; Khan, M. A Muqsit

Author_Institution

Maulana Azad Nat. Urdu Univ., Hyderabad

fYear

2006

fDate

15-17 Sept. 2006

Firstpage

1

Lastpage

5

Abstract

In 2004 Das et al. proposed a "dynamic ID based remote user authentication scheme using smart cards" that allows the user to choose and change their password freely and does not maintain any verifier table. It can protect against ID-theft, replay attack, forgery attack, guessing attack, insider attack and stolen verifier attack. However, Awasthi and Lai, have pointed out several weaknesses in Das et. al. scheme and have shown that the scheme is completely insecure and is equivalent to open server access without any passwords. Subsequently, Wei-Chi KU and Shen-Tein Chang have shown that an adversary can successfully impersonate the user and log onto remote server. Moreover Das\´s scheme does not achieve mutual authentication, which is essential for many applications. In this paper, we propose an improved scheme, which overcomes the weaknesses of Das et al scheme and improves the security strength. The proposed scheme also achieves mutual authentication in addition to the advantages of Das et al.\´s scheme without adding much to the computational cost

Keywords

message authentication; smart cards; telecommunication security; mutual authentication; password changing; remote server; security strength; smart cards; Authentication; Computational efficiency; Educational institutions; Forgery; Protection; Registers; Resists; Security; Smart cards; Authentication; Dynamic ID; Impersonation Attack; Password; Smart Cards;

fLanguage

English

Publisher

ieee

Conference_Titel

India Conference, 2006 Annual IEEE

Conference_Location

New Delhi

Print_ISBN

1-4244-0369-3

Electronic_ISBN

1-4244-0370-7

Type

conf

DOI

10.1109/INDCON.2006.302819

Filename

4086290