Browse > Article
http://dx.doi.org/10.33778/kcsa.2020.20.4.209

Security Enhancement of Lightweight User Authentication Scheme Using Smartcard  

Lee, Youngsook (호원대학교 IT소프트웨어보안학과)
Publication Information
Convergence Security Journal / v.20, no.4, 2020 , pp. 209-215 More about this Journal
Abstract
The environment of the Internet provides an efficient communication of the things which are connected. While internet and online service provide us many valuable benefits, online services offered and accessed remotely through internet also exposes us to many different types of security threats. Most security threats were just related to information leakage and the loss of authentication on client-server environment. In 2016, Ahmed et al. proposed an efficient lightweight remote user authentication protocol. However, Kang et al. show that it's scheme still unstable and inefficient. It cannot resist offline identity guessing attack and cannot provide session key confirmation property. Moreover, there is some risk of biometric information's recognition error. In this paper, we propose an improved scheme to overcome these security weaknesses by storing secret data in device. In addition, our proposed scheme should provide not only security, but also efficiency since we only use hash function and XOR operation.
Keywords
User Authentication Scheme; Smart Card; Session Key; Hash function; Idendity Guessing Attack;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 Omar Cheikhrouhou, Anis Koubaa, Manel Boujelben, and Mohamed Abid, "A Lightweight User Authentication Scheme for Wireless Sensor Networks", Ad Hoc Networks, Vol. 9, No. 5, pp. 727-735, 2011.   DOI
2 Hwang, Min-Shiang, and Li-Hua Li, "A new remote user authentication scheme using smart cards." IEEE Transactions on Consumer Electronics, Vol. 46, No. 1, pp. 28-30, 2000.   DOI
3 Al_Sahlani, Ahmed YF, and Songfeng Lu, "Lightweight Communication Overhead Authentication Scheme Using Smart Card." Indonesian Journal of Electrical Engineering and Computer Science Vol. 1, No. 3, pp. 597-606, 2016.   DOI
4 D. Kang, J. Jung, H. Yang, Y. Choi, and D Won, "Cryptanalysis of Lightweight User Authentication Scheme Using Smartcard", AHFE 2017, Los Angeles, USA, pp. 78-84, 2017.
5 Y. Lee, "Security Analysis of a Biometric-Based User Authentication Scheme", The Korea-Society of Digital Industry& Information Management, Vol. 10, No.1, pp. 81-87, 2014.
6 Y. Choi, Y. Lee, D. Won, "Security Improvement on Biometric Based Authentication Scheme for Wireless Sensor Networks Using Fuzzy Extraction", International Journal of Distributed Sensor Networks Volume 2016, Article ID 8572410, 16 pages http://dx.doi.org/10.1155/2016/8572410, 2016.   DOI
7 Y. Lee, "Security Analysis to an Biometric Authentication Protocol for wireless Sensor Networks", The Korea-Society of Digital Industry& Information Management, Vol. 11, No. 1, pp. 59-67, 2015.   DOI
8 Lee, Hanwook, et al., "Forward Anonymity-Preserving Secure Remote Authentication Scheme." KSII Transactions on Internet & Information Systems, Vol. 10, No. 3, 2016.
9 Chien, Hung-Yu, and Che-Hao Chen, "A remote authentication scheme preserving user anonymity", Advanced Information Networking and Applications, AINA 2005 19th International Conference on. Vol. 2. IEEE, 2005.
10 Y. Lee, J. Nam, J Kwak, and D Won, "Password-Only Authenticated Key Exchange Between Two Agents in the Four-Party Setting", KES-AMSTA, LNAI 4496, pp. 616-625, 2007.
11 Y. Lee, "Security Enhancement to an Biometric Authentication Protocol for WSN Environment", Journal of Information and Security, Vol. 10, No. 1, pp. 83-88, 2016.