Abstract
Due to the rapid progress of information technology, computer systems with the client/server architecture have been becoming a new way in multi-user computing environments. For the environment of single server, the issue of remote login authentication has already been solved by a variety of schemes, but it has not been efficiently solved for multi-server Internet environments yet. In this paper, we will present an efficient smart card based remote login authentication scheme for multi-server Internet environments, which can verify a single password for logining multiple authorized servers without using any password verification table. The objective of the new scheme emphasizes that any client can get service grant from multiple servers without repetitive registration to each server. The proposed scheme’s advantages include that not only repetitive registration for various servers is avoided, but also the network users can freely choose their preferred passwords and be deleted easily by the system. Moreover, security analyses about the impersonation and replay attacks on the proposed scheme validate the feasibility of the scheme.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Davies, D.W., Price, W.L.: Security for Computer Networks — An Introduction to Data Security in Teleprocessing and Electronic Funds Transfer. 2nd Edition. Wiley, Chichester (1989)
Denning, D.E.R.: Cryptography and Data Security. Addison-Wesley, Reading, MA (1982)
Pfleeger, C.P.: Security in Computing. 2nd Edition. Prentice-Hall, Englewood Cliffs, NJ (1997)
Seberry, J., Pieprzyk, J.: Cryptography — An Introduction to Computer Security. Prentice-Hall, Englewood Cliffs, NJ (1989)
Menkus, B.: Understanding the Use of Passwords. Computers & Security 7 (1988) 132–136
Purdy, G.P.: A High Security Login Procedure. Communications of the ACM 17 (1974)442–445
Evans, A., Kantrowitz, W., Weiss, E.: A User Authentication Scheme Not Requiring Secrecy in the Computer. Communications of the ACM 17 (1974) 437–442
Lennon, R.E., Matyas, S.M., Meyer, C.H.: Cryptographic Authentication of Time-Invariant Quantities. IEEE Transactions on Communications 29 (1981) 773–777
Lamport, L.: Password Authentication with Insecure Communication. Communications of the ACM 24 (1981) 770–772
Chang, C.C., Wu, T.C.: Remote Password Authentication with Smart Card IEE Proceedings-E 138 (1991) 165–168
Peyret, P., Lisimaque, G., Chua, T.Y.: Smart Cards Provide Very High Security and Flexibility in Subscribers Management. IEEE Transactions on Consumer Electronics 36 (1990) 744–752
Sternglass, D.: The Future Is in the PC Cards. IEEE Spectrum 29 (1992) 46–50
Wu, T.C.: Remote Login Authentication Scheme Based on a Geometric Approach. Computer Communications 18 (1995) 959–963
Chang, C., Laih, C.S.: Comment on Remote Password Authentication with Smart Cards. IEE Proceedings-E 139(1992) 372–372
Chang, C.C., Hwang, S.J.: Using Smart Cards to Authenticate Remote Passwords. Computers & Mathematics with Applications 26 (1993) 19–27
Wang, S.J., Chang, J.F.: Smart Card Based Secure Password Authentication Scheme. Computers & Security 15 (1996) 231–237
Rivest, R., Shamir, A., Adleman, L.: A Method for Obtaining Digital Signatures and Public-Key Cryptosystems. Communications of the ACM 21 (1978) 120–126
Diffie, W., Hellman, M.E.: New Directions in Cryptography. IEEE Transactions on Information Theory IT-22 (1976) 644–654
El-gamal, T.: A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms. IEEE Transactions on Information Theory 31 (1985) 469–472
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2001 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Tsaur, WJ. (2001). A Flexible User Authentication Scheme for Multi-server Internet Services. In: Lorenz, P. (eds) Networking — ICN 2001. ICN 2001. Lecture Notes in Computer Science, vol 2093. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-47728-4_18
Download citation
DOI: https://doi.org/10.1007/3-540-47728-4_18
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-42302-7
Online ISBN: 978-3-540-47728-0
eBook Packages: Springer Book Archive