Open AccessJournal Article
Weaknesses of a Remote User Password Authentication Scheme Using Smart Card.
Debiao He,Jianhua Chen,Jin Hu +2 more
TLDR
Remote authentication is a method to authenticate remote users over insecure communication channel and Hsiang et al.Abstract:
Remote authentication is a method to authenticate remote users over insecure communication channel. Password-based authentication schemes have been widely deployed to verify the legitimacy of remote users. Very recently, Hsiang et al. pointed out that Yoon et al’s scheme is vulnerable to parallel session attack, masquerading attack and password guess attack. They proposed an improved scheme to remedy these pitfalls. They claimed their scheme can against parallel session attack, masquerading attack and password guess attack. However, we find that Hsiang et al.’s scheme is vulnerable password guess attack, masquerading user attack and masquerading server attack.read more
Citations
More filters
Journal Article
Guessing Attacks on Strong-Password Authentication Protocol
TL;DR: The authors shall show that the OSPA protocol is vulnerable to the guessing attacks in this paper.
Journal Article
An Improved Efficient Remote Password Authentication Scheme with Smart Card over Insecure Networks
TL;DR: This paper proposes an improved scheme with enhanced security, maintaining advantages of the original scheme and free from the attacks pointed out by Yoon-Yoo and Xiang et al.
Journal ArticleDOI
Smart card-based secure authentication protocol in multi-server IoT environment
Won-il Bae,Jin Kwak +1 more
TL;DR: A smart card-based authentication protocol is proposed, which performs the authentication for each entity by allowing users to go through the authentication process using a smart card transmitted from an authentication server, and to login to a server connected to the IoT.
Journal ArticleDOI
Exploiting hash functions to intensify the remote user authentication scheme
Wen-Bin Hsieh,Jenq-Shiou Leu +1 more
TL;DR: This paper describes how a malicious insider carries out an infringed account attack and then presents a resembling account attack on Hsiang-Shih's scheme, and proposes an improvement assisted by hashing functions to enhance the scheme.
Journal Article
A Robust and Efficient Timestamp-based Remote User Authentication Scheme with Smart Card Lost Attack Resistance.
TL;DR: This scheme is based on elliptic curve discrete logarithm problem (ECDLP) and provides lost smart card attack resistance and is proved to be more secure than Awasthi et al.
References
More filters
Book ChapterDOI
Differential Power Analysis
TL;DR: In this paper, the authors examine specific methods for analyzing power consumption measurements to find secret keys from tamper resistant devices. And they also discuss approaches for building cryptosystems that can operate securely in existing hardware that leaks information.
Journal ArticleDOI
Password authentication with insecure communication
TL;DR: A method of user password authentication is described which is secure even if an intruder can read the system's data, and can tamper with or eavesdrop on the communication between the user and the system.
Journal ArticleDOI
Examining smart-card security under the threat of power analysis attacks
TL;DR: In this paper, the authors examined the noise characteristics of the power signals and developed an approach to model the signal-to-noise ratio (SNR) using a multiple-bit attack.
Journal ArticleDOI
A new remote user authentication scheme using smart cards
Min-Shiang Hwang,Li-Hua Li +1 more
TL;DR: This work proposes a new remote user authentication scheme using smart cards based on the ElGamal's (1985) public key cryptosystem that can withstand message replaying attack.
Journal ArticleDOI
An Efficient and Practical Solution to Remote Authentication: Smart Card
TL;DR: This work provides mutual authentication between the user and the server and achieves more functionality and requires much less computational cost than other smart card-based schemes.