Abstract
In recent times, Wei et al. proposed a secure smart card based on remote user password authentication scheme. Their scheme is more secure than other schemes. In this article, we will prove their scheme is vulnerable to password guessing attack, privileged insider attack, and denial of service attack. Furthermore, we will propose an improved scheme to eliminate the security vulnerability.
Keywords
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Prakash, A.: A biometric approach for continuous user authentication by fusing hard and soft traits. Int. J. Netw. Secur. 16, 65–70 (2014)
Osei, E.O., Hayfron-Acquah, J.B.: Cloud computing login authentication redesign. Int. J. Electron. Inf. Eng. 1(1), 1–8 (2014)
Ahmed, A., Younes, A., Abdellah, A., Sadqi, Y.: Strong zero-knowledge authentication based on virtual passwords. Int. J. Netw. Secur. 18(4), 601–616 (2016)
Feng, T.H., Ling, C.H., Hwang, M.S.: Cryptanalysis of Tan’s improvement on a password authentication scheme for multi-server environments. Int. J. Netw. Secur. 16, 318–321 (2014)
Li, L.H., Lin, I.C., Hwang, M.S.: A remote password authentication scheme for multi-server architecture using neural networks. IEEE Trans. Neural Networks 12, 1498–1504 (2001)
Ling, J., Zhao, G.: An improved anonymous password authentication scheme using nonce and bilinear pairings. Int. J. Netw. Secur. 17(6), 787–794 (2015)
Stanek, M.: Weaknesses of password authentication scheme based on geometric hashing. Int. J. Netw. Secur. 18(4), 798–801 (2016)
Zhu, H., Zhang, Y., Zhang, Y.: A provably password authenticated key exchange scheme based on chaotic maps in different realm. Int. J. Netw. Secur. 18(4), 688–698 (2016)
Zhuang, X., Chang, C.C., Wang, Z.H., Zhu, Y.: A simple password authentication scheme based on geometric hashing function. Int. J. Netw. Secur. 16, 271–277 (2014)
Amin, R.: Cryptanalysis and efficient dynamic ID based remote user authentication scheme in multi-server environment using smart card. Int. J. Netw. Secur. 18(1), 172–181 (2016)
Anwar, N., Riadi, I., Luthfi, A.: Forensic SIM card cloning using authentication algorithm. Int. J. Electron. Inf. Eng. 4(2), 71–81 (2016)
Chang, C.-C., Hsueh, W.-Y., Cheng, T.-F.: An advanced anonymous and biometrics-based multi-server authentication scheme using smart cards. Int. J. Netw. Secur. 18(6), 1010–1021 (2016)
He, D., Zhao, W., Wu, S.: Security analysis of a dynamic ID-based authentication scheme for multi-server environment using smart cards. Int. J. Netw. Secur. 15, 282–292 (2013)
Huang, H.F., Chang, H.W., Yu, P.K.: Enhancement of timestamp-based user authentication scheme with smart card. Int. J. Netw. Secur. 16, 463–467 (2014)
Yanrong, L., Yang, X., Xiaobo, W.: A secure anonymous authentication scheme for wireless communications using smart cards. Int. J. Netw. Secur. 17(3), 237–245 (2015)
Wang, Y., Peng, X.: Cryptanalysis of two efficient password-based authentication schemes using smart cards. Int. J. Netw. Secur. 17(6), 728–735 (2015)
Wijayanto, H., Hwang, M.-S.: Improvement on timestamp-based user authentication scheme with smart card lost attack resistance. Int. J. Netw. Secur. 17(2), 160–164 (2015)
Chen, B.L., Kuo, W.C., Wuu, L.C.: Robust smart-card-based remote user password authentication scheme. Int. J. Commun. Syst. 27(2), 377–389 (2014)
Li, X., Niu, J., Khan, M.K., Liao, J.: An enhanced smart card based remote user password authentication scheme. J. Netw. Comput. Appl. 36(5), 1365–1371 (2013)
Wei, J., Liu, W., Xuexian, H.: Secure and efficient smart card based remote user password authentication scheme. Int. J. Netw. Secur. 18(4), 782–792 (2016)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Tsai, CY., Pan, CS., Hwang, MS. (2017). An Improved Password Authentication Scheme for Smart Card. In: Xhafa, F., Patnaik, S., Yu, Z. (eds) Recent Developments in Intelligent Systems and Interactive Applications. IISA 2016. Advances in Intelligent Systems and Computing, vol 541. Springer, Cham. https://doi.org/10.1007/978-3-319-49568-2_27
Download citation
DOI: https://doi.org/10.1007/978-3-319-49568-2_27
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-49567-5
Online ISBN: 978-3-319-49568-2
eBook Packages: EngineeringEngineering (R0)