Browse > Article
http://dx.doi.org/10.5762/KAIS.2011.12.10.4612

Cryptanalysis and Enhancement of the An's Remote User Authentication Scheme using the Smart Cards  

Shin, Seung-Soo (Dept. of Information Security, College of Information & Communication, Tongmyong University)
Han, Kun-Hee (Division of Information & Communication Engineering, Baekseok University)
Publication Information
Journal of the Korea Academia-Industrial cooperation Society / v.12, no.10, 2011 , pp. 4612-4617 More about this Journal
Abstract
Hsiang-Shin proposed a user authentication scheme which was created by improving Yoon's scheme. Afterwards, An showed the failure to meet security requirements which are considered in user authentication using password-based smart card in Hsiang-Shih-suggested scheme. In other words, it was found that an attacker can steal a user's card, and detect a user's password by temporarily accessing it and extracting the information stored in it. However, An-proposed scheme also showed its vulnerability to password-guessing attack and forgery/impersonation attack, etc. and thus, this paper proposed the improved user authentication scheme. The proposed authentication scheme can thwart the password-guessing attack completely and this paper proposed scheme also includes an efficient mutual authentication method that can make it possible for users and authentication server to certify the other party.
Keywords
User Authentication; Smart Cards; Password Guessing Attack; Replay Attack;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 S. M. Chen, W. C. Ku, "Weakness and improvements of an efficient password based remote user authentication scheme using smart cards," IEEE Transactions on Consumer Electronics, 50(1), pp. 204-207, 2004.   DOI
2 E. J. Yoon, E. K. Ryu, K. Y. Yoo, "Further improvements of an efficient password based remote user authentication scheme using smart cards," IEEE Transactions on Consumer Electronics, 50(2), pp. 612-614, 2004.   DOI
3 X. Duan, J. W. Liu, Q. Zhang, " Security improvements on Chien et al's remote user authentication scheme using smart cards," IEEE International conference on Computational Intelligence and Security (CIS 2006), 2, pp. 1133-1135, 2006.
4 H. C. Hsiang, W. K. Shih, "Weakness and improvements of the Yoon-Ryu-Yoo remote user authentication scheme using smart cards," Computer Communications 32,pp. 649-652, 2009.   DOI
5 An, "Improvements of the Hsiang-Shih's remote user authentication scheme using smart cards," Journal of the Korea Society of Computer and Information, Vol. 15, No.2, pp. 119-125, 2010.   과학기술학회마을   DOI
6 P. Kocher, J. Jaffe, B. Jun, "Differential power analysis," Proceedings of Advances in Cryptology (CRYPTO 99), pp. 388-398, 1999.
7 T.S, Messerges, E.A, Dabbish, R.H. Sloan, "Examining smart-cards security under the threat of power analysis attacks," IEEE Transactions on Computers, 51(5), pp. 541-552, 2002.   DOI
8 H.Y. Chien, J .K. Jan, Y. M. Tseng, "An efficient and practical solution to remote authentication using smart card," Computers & Security, 21(4), pp. 372-375, 2002.   DOI
9 L. Lamport, "Password Authentication with Insecure Communication", Communications of the ACM, Vol.24, No.11, pp. 770-772, 1981.   DOI