Security Analysis of `An Improved Low Computation Cost User Authentication Scheme for Mobile Communication´

Author

Muhammad Khurram Khan ; Zhang, Jiashu

Author_Institution

Res. Group for Biometrics & Security, Southwest Jiaotong Univ., Chengdu

fYear

2005

fDate

24-25 Dec. 2005

Firstpage

1

Lastpage

4

Abstract

Recently, Lee et al. proposed `an improved low computation cost user authentication scheme for mobile communication´. We demonstrate that their scheme is vulnerable and susceptible to the attacks and can be easily cryptanalyzed. We point out that their scheme performs unilateral authentication (only client authentication) and there is no mutual authentication between user and remote system, so their scheme suscepts from the server spoofing attack. Furthermore, an adversary can impersonate legitimate users by copying data of their stolen or lost smart card. Moreover, Lee et al.´s scheme is poorly reparable, which makes their method infeasible to implement

Keywords

authorisation; client-server systems; message authentication; mobile communication; telecommunication security; client authentication; low computation cost user authentication scheme; mobile communication; security analysis; server spoofing attack; unilateral authentication; Authentication; Biometrics; Computational efficiency; Forgery; Information analysis; Information processing; Information security; Mobile communication; Mobile computing; Smart cards;

fLanguage

English

Publisher

ieee

Conference_Titel

9th International Multitopic Conference, IEEE INMIC 2005

Conference_Location

Karachi

Print_ISBN

0-7803-9429-1

Electronic_ISBN

0-7803-9430-5

Type

conf

DOI

10.1109/INMIC.2005.334490

Filename

4133505