An Improvement Password-Based Authentication Protocol Using Smart Card

Abstract:

User authentication is a very important security mechanism for accessing resources on a remote system. Among remote authentication protocols, password-based authenticated key exchange is the most popular, since two communicating entities that share only a human-memorable password can establish a session key, which is then used to protect their later communication over an insecure network. Recently, Xu Zhu proposed an improved password-based protocol using a smart card, based on previous research. He claims that his protocol is secure against various attacks. However, Song points out that Xu Zhu's protocol suffers from attacks. In addition, Song gives an improved version of Xu Zhu's protocol. In this paper, we first find that Song's protocol is also vulnerable to an off-line dictionary attack. We then extend Song's protocol so that the extended protocol can resist off-line dictionary attacks even if an adversary captures the smart card.

Pages: 2182-2185

Online since: February 2013

Copyright: © 2013 Trans Tech Publications Ltd. All Rights Reserved

Citation:

[1] S. M. Bellovin, M. Merritt, Encrypted key exchange: password-based protocols secure against dictionary attacks, in: D. Cooper (ed.), Proc. of the 1992 IEEE Symposium on Security and Privacy, Washington: IEEE Computer Society Press, p.72–84. (1992).

DOI: 10.1109/risp.1992.213269

[2] D. V. Klein, Foiling the cracker: a survey of, and improvements to password security, Proceedings of the second USENIX UNIX security workshop, p.5–14. (1990).

[3] R. Morris, K. Thompson, Password security: a case history. Communications of the ACM, 22(11), p.594–597, (1979).

DOI: 10.1145/359168.359172

[4] S. Halevi, H. Krawczyk, Public-key cryptography and password protocols, Proceedings of the 5th ACM Conference on Computer and Communications Security, San Francisco, CA, p.122–131. (1998).

DOI: 10.1145/288090.288118

[5] L. Lamport, Password authentication with insecure communication, Communications of the ACM, 24(11), p.770–772. (1981).

DOI: 10.1145/358790.358797

[6] N. Haller, The S/KEY one-time password system, Proceedings of the ISOC Symposium on Network and Distributed System Security, p.151–157. (1994).

[7] W. S. Juang, Efficient password authenticated key agreement using smart card, Computers & Security, 23, p.167–173. (2004).

DOI: 10.1016/j.cose.2003.11.005

[8] M.S. Hwang, C.C. Lee, Y.L. Tang, A simple remote user authentication scheme, Mathematical and Computer Modelling, 36, p.103–107. (2002).

DOI: 10.1016/s0895-7177(02)00106-1

[9] J. Xu, W.-T. Zhu, D.-G. Feng, An improved smart card based password authentication scheme with provable security, Computer Standards & Interfaces, 31, p.723–728. (2009).

DOI: 10.1016/j.csi.2008.09.006

[10] R. Song, Advanced smart card based password authentication protocol, Computer Standards & Interfaces, doi: 10.1016/j.csi.2010.03.008. (2010).

DOI: 10.1016/j.csi.2010.03.008

[11] M. S. Hwang, L. H. Li, A new remote user authentication scheme using smart cards, IEEE Transactions on Consumer Electronics, 46(1), p.28–30. (2000).

DOI: 10.1109/30.826377
