中国邮电高校学报(英文) ›› 2007, Vol. 14 ›› Issue (3): 91-94.doi: 1005-8885 (2007) 03-0091-04

• Artificial Intelligence • 上一篇    下一篇

Weaknesses and improvements of a remote user authentication scheme using smart cards

胡兰兰;钮心忻;杨义先   

  1. Information Security Center, State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing 100876, China
  • 收稿日期:2006-12-18 修回日期:1900-01-01 出版日期:2007-09-30

Weaknesses and improvements of a remote user authentication scheme using smart cards

HU Lan-lan;NIU Xin-xin;YANG Yi-xian   

  1. Information Security Center, State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing 100876, China
  • Received:2006-12-18 Revised:1900-01-01 Online:2007-09-30

摘要:

In 2005, Liu et al. proposed an improvement to Chien et al.’s remote user authentication scheme, using smart cards, to prevent parallel session attack. This article, however, will demonstrate that Liu et al.’s scheme is vulnerable to masquerading server attack and has the system’s secret key forward secrecy problem. Therefore, an improved scheme with better security strength, by using counters instead of timestamps, is proposed. The proposed scheme does not only achieve their scheme’s advantages, but also enhances its security by withstanding the weaknesses just mentioned.

关键词:

authentication; security; smart cards

Abstract:

In 2005, Liu et al. proposed an improvement to Chien et al.’s remote user authentication scheme, using smart cards, to prevent parallel session attack. This article, however, will demonstrate that Liu et al.’s scheme is vulnerable to masquerading server attack and has the system’s secret key forward secrecy problem. Therefore, an improved scheme with better security strength, by using counters instead of timestamps, is proposed. The proposed scheme does not only achieve their scheme’s advantages, but also enhances its security by withstanding the weaknesses just mentioned.

Key words:

authentication; security; smart cards

中图分类号: