Security Improvements on the Remote User Authentication Scheme Using Smart Cards (스마트카드를 사용한 원격 사용자 인증 스킴의 시큐리티 개선에 관한 연구 )

Seo Jeong-Man (서정만); Younghwa An (안영화)

Security Improvements on the Remote User Authentication Scheme Using Smart Cards

Journal of The Korea Society of Computer and Information
Abbr : JKSCI
2010, 15(3), pp.91-97
Publisher : The Korean Society Of Computer And Information
Research Area : Engineering > Computer Science

Seo Jeong-Man ¹, Younghwa An ²

¹한국재활복지대학
²강남대학교

Accredited

ABSTRACT

Recently Hu-Niu-Yang proposed the user authentication scheme to improve Liu et al's scheme. But the Hu-Niu-Yang's scheme has not been satisfied security requirements considering in the user authentication scheme using the password based smart card. In this paper, we proved that Hu-Niu-Yang's scheme is vulnerable to the off-line password guessing attack in case that the attacker steals the user's smart card and extracts the information in the smart card. Also, the improved user authentication scheme solving the security vulnerability was introduced, thus preventing the attacks, such as password guessing attack, forgery attack impersonation attack, and replay attack. For preventing those attacks, the our proposed scheme need more hash functions and exclusive-OR operations than Hu-Niu-Yang's scheme.

KEYWORDS

User Authentication, Smart Card, Password Guessing Attack

Citation status

* References for papers published after 2023 are currently being built.

[journal] J.Xu / 2009 / An improved smart card based password authentication scheme with provable security / Computers Standards & Interfaces, 31 : 723~728

[confproc] P.Kocher / 1999 / Differential power analysis / Proceedings of Advances in Cryptology(CRYPTO 99 : 388~397

[journal] T.S.Messerges / 2002 / Examining smart-card security under the threat of power analysis attacks / IEEE Transactions on Computers 51(5) : 541~552

[journal] L.Lamport / 1981 / Password authentication with insecure communication / Communications of the ACM 24(11) : 770~772

[journal] C.C.Chang / 1991 / Remote password authentication with smart card / IEEE Proceedings-E 138(3) : 165~168

[journal] H.Y.Chien / 2002 / An efficient and practical solution to remote authentication using smart card / Computers & Security 21(4) : 372~375

[journal] C.L.Hsu / 2003 / Security of two remote user authentication schemes using smart card / IEEE Transactions on Consumer Electronics 49(4) : 1196~1198

[confproc] J.Q. Liu / 2005 / An enhanced remote login authentication with smart card / Proceedings of IEEE Workshop on Signal Processing Systems Design and Implementation : 229~232

[journal] L.L. Hu / 2009 / Weakness and improvements of a remote user authentication scheme using smart card / The journal of China univ. of posts and telecommunications 14 : 91~94

[journal] E.J. Yoon / 2004 / Further improvements of an efficient password based remote user authentication scheme using smart cards / IEEE Transactions on Consumer Electronics 50(2) : 612~614

[confproc] X.Duan / 2006 / Security improvements on Chien et al.'s remote user authentication scheme using smart cards / IEEE International conference on Computational Intelligence and Security(CIS 2006), : 1133~1135

[journal] C.W.Lin / 2006 / ANewStrong-Password Authentication Scheme Using One-Way Hash Functions / Journal of Computer and Systems Sciences International 45(4) : 623~626

[journal] H.C Hsiang / 2009 / Weakness and improvements of the Yoon-Ryu-Yoo remote user authentication scheme using smart cards / Computer Communications 32 : 649~652

[journal] 신광철 / 2007 / Secure OTP Smart Card Authentication Protocol for Denial of Service / 한국컴퓨터정보학회논문지 / 한국컴퓨터정보학회 12(6) : 201~206

[journal] 안영화 / 2009 / Analysis to a Remote User Authentication Scheme Using Smart Cards / 한국컴퓨터정보학회논문지 / 한국컴퓨터정보학회 14(3) : 133~138

[journal] 이영숙 / 2010 / Cryptanalysis and Enhancement of a Remote User Authentication Scheme Using Smart Cards / 한국컴퓨터정보학회논문지 / 한국컴퓨터정보학회 15(1) : 139~147

[journal] 최병훈 / 2009 / A Study of Authentication of Using Multi-factor / 한국컴퓨터정보학회논문지 / 한국컴퓨터정보학회 14(7) : 73~80

KJCKorea
Journal Central

Journal of The Korea Society of Computer and Information 2023 KCI Impact Factor : 0.65