Abstract
The user authentication scheme has been widely applied to verify the users’ legality. In order to enhance the security, the smart card has widely used in an authentication scheme. Recently, Liu et al. shown that some weaknesses exist in Li et al.’s scheme. An efficient and secure user authentication scheme with a smart card presented by them is more efficient and secure than other schemes. However, the security issues of their scheme proposed by them also exist, so we will demonstrate that their scheme is vulnerable to the replaying attack.
Keywords
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Ahmed, A., Younes, A., Abdellah, A., Sadqi, Y.: Strong zero-knowledge authentication based on virtual passwords. Int. J. Netw. Secur. 18(4), 601–616 (2016)
Amin, R.: Cryptanalysis and efficient dynamic ID based remote user authentication scheme in multi-server environment using smart card. Int. J. Netw. Secur. 18(1), 172–181 (2016)
Anwar, N., Riadi, I., Luthfi, A.: Forensic SIM card cloning using authentication algorithm. Int. J. Electron. Inf. Eng. 4(2), 71–81 (2016)
Chang, C.-C., Hsueh, W.-Y., Cheng, T.-F.: An advanced anonymous and biometrics-based multi-server authentication scheme using smart cards. Int. J. Netw. Secur. 18(6), 1010–1021 (2016)
Chen, B.L., Kuo, W.C., Wuu, L.C.: Robust smart-card-based remote user password authentication scheme. Int. J. Commun. Syst. (in press). http://dx.doi.org/10.1002/dac.2368
Feng, T.H., Ling, C.H., Hwang, M.S.: Cryptanalysis of Tan’s improvement on a password authentication scheme for multi-server environments. Int. J. Netw. Secur. 16, 318–321 (2014)
He, D., Zhao, W., Wu, S.: Security analysis of a dynamic ID-based authentication scheme for multi-server environment using smart cards. Int. J. Netw. Secur. 15, 282–292 (2013)
Huang, H.F., Chang, H.W., Yu, P.K.: Enhancement of timestamp-based user authentication scheme with smart card. Int. J. Netw. Secur. 16, 463–467 (2014)
Hwang, M.S., Chong, S.K., Chen, T.Y.: Dos-resistant ID-based password authentication scheme using smart cards. J. Syst. Softw. 83, 163–172 (2000)
Hwang, M.S., Li, L.H.: A new remote user authentication scheme using smart cards. IEEE Trans. Consum. Electron. 46, 28–30 (2000)
Li, C.T., Hwang, M.S.: An online biometrics-based secret sharing scheme for multiparty cryptosystem using smart cards. Int. J. Innovative Comput. Inf. Control 6, 2181–2188 (2010)
Li, C.T., Hwang, M.S.: An efficient biometrics-based remote user authentication scheme using smart cards. J. Netw. Comput. Appl. 33, 1–5 (2010)
Li, L.H., Lin, I.C., Hwang, M.S.: A remote password authentication scheme for multi-server architecture using neural networks. IEEE Trans. Neural Netw. 12, 1498–1504 (2001)
Li, X., Niu, J., Khan, M.K., Liao, J.: An enhanced smart card based remote user password authentication scheme. J. Netw. Comput. Appl. (in press). http://dx.doi.org/10.1016/j.jnca.2013.02.034
Lin, I.C., Hwang, M.S., Li, L.H.: A new remote user authentication scheme for multi-server architecture. Future Gener. Comput. Syst. 19, 13–22 (2003)
Ling, J., Zhao, G.: An improved anonymous password authentication scheme using nonce and bilinear pairings. Int. J. Netw. Secur. 17(6), 787–794 (2015)
Liu, Y., Chang, C.-C., Chang, S.-C.: An efficient and secure smart card based password authentication scheme. Int. J. Netw. Secur. 19(1), 1–10 (2017)
Lu, Y., Yang, X., Wu, X.: A secure anonymous authentication scheme for wireless communications using smart cards. Int. J. Netw. Secur. 17(3), 237–245 (2015)
Osei, E.O., Hayfron-Acquah, J.B.: Cloud computing login authentication redesign. Int. J. Electron. Inf. Eng. 1(1), 1–8 (2014)
Prakash, A.: A biometric approach for continuous user authentication by fusing hard and soft traits. Int. J. Netw. Secur. 16, 65–70 (2014)
Shen, J.J., Lin, C.W., Hwang, M.S.: Security enhancement for the timestamp-based password authentication scheme using smart cards. Comput. Secur. 22, 591–595 (2003)
Shen, J.J., Lin, C.W., Hwang, M.S.: A modified remote user authentication scheme using smart cards. IEEE Trans. Consum. Electron. 49, 414–416 (2003)
Stanek, M.: Weaknesses of password authentication scheme based on geometric hashing. Int. J. Netw. Secur. 18(4), 798–801 (2016)
Tang, H., Liu, X., Jiang, L.: A robust and efficient timestamp-based remote user authentication scheme with smart card lost attack resistance. Int. J. Netw. Secur. 15, 446–454 (2013)
Wang, Y., Peng, X.: Cryptanalysis of two efficient password-based authentication schemes using smart cards. Int. J. Netw. Secur. 17(6), 728–735 (2015)
Wei, J., Liu, W., Hu, X.: Secure and efficient smart card based remote user password authentication scheme. Int. J. Netw. Secur. 18(4), 782–792 (2016)
Wijayanto, H., Hwang, M.-S.: Improvement on timestamp-based user authentication scheme with smart card lost attack resistance. Int. J. Netw. Secur. 17(2), 160–164 (2015)
Yang, C.C., Chang, T.Y., Hwang, M.-S.: The security of the improvement on the methods for protecting password transmission. Informatica 14, 551–558 (2003)
Zhu, H., Zhang, Y., Zhang, Y.: A provably password authenticated key exchange scheme based on chaotic maps in different realm. Int. J. Netw. Secur. 18(4), 688–698 (2016)
Zhuang, X., Chang, C.C., Wang, Z.H., Zhu, Y.: A simple password authentication scheme based on geometric hashing function. Int. J. Netw. Secur. 16, 271–277 (2014)
Acknowledgments
This study was supported by the National Science Council of Taiwan under grant MOST 104-2221-E-468 -004 and MOST 103-2221-E-468 -026.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Liu, CW., Tsai, CY., Hwang, MS. (2017). Cryptanalysis of an Efficient and Secure Smart Card Based Password Authentication Scheme. In: Xhafa, F., Patnaik, S., Yu, Z. (eds) Recent Developments in Intelligent Systems and Interactive Applications. IISA 2016. Advances in Intelligent Systems and Computing, vol 541. Springer, Cham. https://doi.org/10.1007/978-3-319-49568-2_26
Download citation
DOI: https://doi.org/10.1007/978-3-319-49568-2_26
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-49567-5
Online ISBN: 978-3-319-49568-2
eBook Packages: EngineeringEngineering (R0)