• DocumentCode
    2496916
  • Title

    An Improved Two-factor Authentication Protocol

  • Author

    Pu, Qiong

  • Author_Institution
    Dept. of Electron., Inf. Eng. Univ., Zhengzhou, China
  • Volume
    2
  • fYear
    2010
  • fDate
    24-25 April 2010
  • Firstpage
    223
  • Lastpage
    226
  • Abstract
    Most recently, Yang et al proposed a new set of security requirements for two-factor smart-card-based password mutual authentication and then suggested a new scheme satisfying all their security requirements. In this paper, however, we first show one critical security weakness being overlooked, i.e., allowing key-compromise impersonation. We provide an attack to illustrate the adversary is able to masquerade any user to access the server´s service in their protocol once if the long-term key of the server is compromised. Thereafter, we suggests key-compromise impersonation resilience should be added as one more important security requirement for two-factor smart-card based password mutual authentication and then propose an improved protocol to eliminate the security weakness existing in Yang et al´s protocol.
  • Keywords
    authorisation; cryptographic protocols; message authentication; smart cards; key-compromise impersonation resilience; two-factor smart-card-based password mutual authentication; Access protocols; Authentication; Banking; Dictionaries; Information security; Information technology; Protection; Resilience;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Multimedia and Information Technology (MMIT), 2010 Second International Conference on
  • Conference_Location
    Kaifeng
  • Print_ISBN
    978-0-7695-4008-5
  • Electronic_ISBN
    978-1-4244-6602-3
  • Type

    conf

  • DOI
    10.1109/MMIT.2010.82
  • Filename
    5474366
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2496916