A Study on the User Authentication Scheme with Forward Secrecy (순방향 비밀성을 제공하는 사용자 인증 스킴에 관한 연구)

Younghwa An (안영화)

A Study on the User Authentication Scheme with Forward Secrecy

Journal of The Korea Society of Computer and Information
Abbr : JKSCI
2011, 16(2), pp.183-192
Publisher : The Korean Society Of Computer And Information
Research Area : Engineering > Computer Science

Younghwa An ¹

¹강남대학교

Accredited

ABSTRACT

Recently Wang-Li proposed the remote user authentication scheme using smart cards. But the proposed scheme has not been satisfied security requirements considering in the user authentication scheme using the password based smart card. In this paper, we described the Wang-Li and Yoon et al.'s authentication scheme simply, and we prove that the Wang-Li's scheme is vulnerable to a password guessing attack and impersonation attack in case that the attacker steals the user's smart card and extracts the information in the smart card. Accordingly, we propose the improved user authentication scheme based on the hash function and generalized ElGamal signature scheme that can withstand many possible attacks including a password guessing attack, impersonation attack and replay attack, and that can offer the function of forward secrecy. The result of comparative analysis, the our proposed scheme is much more secure and efficient than the Wang-Li and Yoon et al.'s scheme.

KEYWORDS

User authentication, Smart card, Password guessing attack, Forward secrecy

Citation status

* References for papers published after 2023 are currently being built.

[journal] L. Lamport / 1981 / Password authentication with insecure communication / Communications of the ACM 24(11) : 770~772

[journal] M.S. Hwang / 2000 / A New remote user authentication scheme using smart cards / IEEE Trans. Consum. Electron 46(1)

[journal] C.K Chan / 2000 / Cryptanalysis of a remote user authentication scheme using smart cards / IEEE Trans. Consum. Electron 46(4) : 992~993

[journal] J.J Shen / 2003 / A modified remote user authentication scheme using smart cards / IEEE Trans. Consum. Electron 46(2) : 414~416

[book] Zuhua Shao / 2003 / Efficient deniable authentication protocol based on generalized ElGamal signature scheme / Article in press

[journal] B. Wang / 2006 / Forward-secure user authentication scheme with smart cards / International Journal of Network Security 3(2) : 116~119

[journal] E.J. Yoon / 2004 / Efficient remote user authentication scheme based on generalized ElGamal signature scheme / IEEE Trans. Consum. Electron 50(2) : 568~570

[journal] J. Xu / 2009 / An improved smart card based password authentication scheme with provable security / Computers Standards & Interfaces 31 : 723~728

[confproc] P. Kocher / 1999 / Differential power analysis / Proceedings of Advances in Cryptology (CRYPTO 99) : 388~397

[journal] T.S. Messerges / 2002 / Examining smart-card security under the threat of power analysis attacks / IEEE Transactions on Computers 51(5) : 541~552

[journal] W. Diffie / 1976 / New directions in cryptography / IEEE Transactions on Information Theory 22 : 644~654

[journal] 이영숙 / 2010 / Cryptanalysis and Enhancement of a Remote User Authentication Scheme Using Smart Cards / 한국컴퓨터정보학회논문지 / 한국컴퓨터정보학회 15(1) : 139~147

KJCKorea
Journal Central

Journal of The Korea Society of Computer and Information 2023 KCI Impact Factor : 0.65