Skip to main content
SpringerLink
Log in
Book cover

International Conference on Information Security and Assurance

ISA 2010: Information Security and Assurance pp 9–16Cite as

Security Improvement on a Remote User Authentication Scheme Using Smart Cards

  • Conference paper

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 76))

Abstract

Authentication is a very important ingredient service for the network system to verify whether a remote user is legal through any insecure channel. Recently, Hsiang and Shih proposed a remote user authentication scheme as an improved scheme over Yoon-Ryu-Yoo’s, and asserted that their scheme could escape from masquerade attack, parallel session attack, etc. In this paper, we show that Hsiang and Shih’s scheme still suffers from parallel session attack. To mend the problem, we offer a procedure to improve Hsiang and Shih’s scheme. Consequently, our scheme is suitable for applications with higher secure requirement.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Chien, H., Jan, J., Tseng, Y.: An efficient and practical solution to remote authentication smart card. Computers & Security 21(4), 372–375 (2002)

    Article  Google Scholar 

  2. Diffie, W., Hellman, M.: New directions in cryptography. IEEE Trans. Inf. Theory IT-21(6), 644–654 (1976)

    Article  MathSciNet  Google Scholar 

  3. Duan, X., Liu, J., Zhang, Q.: Security improvement on Chien Et Al.’s remote user authentication scheme using smart cards. In: The 2006, IEEE International Conference on Computational Intelligence and Security (CIS 2006), vol. 2, pp. 1133–1135 (2006)

    Google Scholar 

  4. Halevi, S., Krawczyk, H.: Public-key cryptography and password protocols. ACM Trans. Inf. Syst. Secur. 2(3), 230–268 (1999)

    Article  Google Scholar 

  5. Hsiang, H., Shih, W.: Weaknesses and improvements of the YoonRyuYoo remote user authentication scheme using smart cards. Computer Communications 32(4), 649–652

    Google Scholar 

  6. Hwang, M., Li, L.: A new remote user authentication scheme using smart card. IEEE Transactions on Consumer Electronics 46(1), 28–30 (2000)

    Article  Google Scholar 

  7. Hwang, T., Chen, Y., Laih, C.: Non-interactive password authentication without password tables. In: IEEE region 10 conference on computer and communication system, September 1990, vol. 1, pp. 429–431 (1990)

    Google Scholar 

  8. Hwang, T., Ku, W.: Reparable key distribution protocols for Internet environments. IEEE Trans. Consum. Electron. 43(5), 1947–1949 (1995)

    Google Scholar 

  9. Joux, A.: A One Round Protocol for Tripartite Diffie–Hellman. J. Cryptology 17, 263–276 (2004), doi:10.1007/s00145-004-0312-y

    Article  MATH  MathSciNet  Google Scholar 

  10. Ku, W., Chen, S.: Weaknesses and improvements of an efficient password based remote user authentication scheme using smart cards. IEEE Transactions on Consumer Electronics 50(1), 204–207 (2004)

    Article  Google Scholar 

  11. Ku, W., Chen, C., Lee, H.: Cryptanalysis of a variant of Peyravian–Zunic’s password authentication scheme. IEICE Transactions on Communication E86-B(5), 1682–1684 (2003)

    Google Scholar 

  12. Lamport, L.: Password authentication with insecure communication. Communications of the ACM 24(11), 770–772 (1981)

    Article  MathSciNet  Google Scholar 

  13. Lee, W., Chang, C.: User identification and key distribution maintaining anonymity for distributed computer network. Comput. Syst. Sci. 15(4), 211–214 (2000)

    MathSciNet  Google Scholar 

  14. Lennon, R., Matyas, S., Mayer, C.: Cryptographic authentication of time invariant quantities. IEEE Transactions on Communications 29(6), 773–777 (1981)

    Article  Google Scholar 

  15. Liao, I., Lee, C., Hwang, M.: A password authentication scheme over insecure networks. J. Comput. System Sci. 72(4), 727–740 (2006)

    Article  MATH  MathSciNet  Google Scholar 

  16. Mitchell, C.: Limitations of challenge-response entity authentication. Electronic Letters 25(17), 1195–1196 (1989)

    Article  Google Scholar 

  17. Sun, H.: An efficient remote use authentication scheme using smart cards. IEEE Transactions on Consumer Electronics 46(4), 958–961 (2000)

    Article  Google Scholar 

  18. Yang, G., Wong, D., Wang, H., Deng, X.: Two-factor mutual authentication based on smart cards and passwords. Journal of Computer and System Sciences (May 15, 2008) (in press) (corrected Proof)

    Google Scholar 

  19. Yen, S., Liao, K.: Shared authentication token secure against replay and weak key attack. Information Processing Letters, 78–80 (1997)

    Google Scholar 

  20. Yoon, E., Ryu, E., Yoo, K.: Further improvement of an efficient password based remote user authentication scheme using smart cards. IEEE Transactions on Consumer Electronics 50(2), 612–614 (2004)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, National Tsing Hua University, No. 101, Kuang Fu Rd, Sec. 2, 300, HsingChu, Taiwan, ROC

    Tien-Ho Chen & Wei-Kuan Shih

  2. Department of Information Management, Vanung University, Taiwan, R.O.C

    Han-Cheng Hsiang

Authors
  1. Tien-Ho Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Han-Cheng Hsiang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Wei-Kuan Shih
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. University of Calcutta, India

    Samir Kumar Bandyopadhyay

  2. Braunschweig University of Technology, Braunschweig, Germany

    Wael Adi

  3. Hannam University, 306-791, Daejeon, South Korea

    Tai-hoon Kim

  4. The University of Alabama, Tuscaloosa, AL, USA

    Yang Xiao

Rights and permissions

Reprints and permissions

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Chen, TH., Hsiang, HC., Shih, WK. (2010). Security Improvement on a Remote User Authentication Scheme Using Smart Cards. In: Bandyopadhyay, S.K., Adi, W., Kim, Th., Xiao, Y. (eds) Information Security and Assurance. ISA 2010. Communications in Computer and Information Science, vol 76. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-13365-7_2

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-13365-7_2

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-13364-0

  • Online ISBN: 978-3-642-13365-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation