본문 바로가기
  • Home

A Study on Weakness of a Secure Dynamic Identify based Remote User Authentication scheme for Multi-server Environment using Smart Card

  • Journal of Knowledge Information Technology and Systems
  • Abbr : JKITS
  • 2015, 10(5), pp.523-536
  • Publisher : Korea Knowledge Information Technology Society
  • Research Area : Interdisciplinary Studies > Interdisciplinary Research
  • Published : October 31, 2015

Kwang Cheul Shin ORD ID 1

1성결대학교

Accredited

ABSTRACT

Recently, in the multi-server environment, many studies have been conducted based upon remote user authentication scheme by dynamic identifier. For the access of legally permitted user to application server and protection of sensitive information, smart card and bio-based password authentication scheme were published. Lee-Lin-Chang's scheme found a vulnerability of Hsiang-Shih's scheme and announced an improved scheme in 2011. But Lee et al's scheme showed weakness to various attacks when the smart card was stolen or third party eavesdropped on network. Also, it is vulnerable in smart card stolen attack, malicious user attacks, server attacks (impersonation attacks) and replay attacks since the shared information of each server and registration center are the same. In this paper, I suggest the improved scheme which is secure to user and server impersonation attack, replay attack, smart card stolen attack and password guessing attack by designing to allow access to multi-server with only one registration to the registration center rather than separating registration for each server. Efficiency of security, convenience and operating cost are enhanced by only using one-way hash function.

Citation status

* References for papers published after 2023 are currently being built.