Analysis of the Dynamic ID-Based Remote User Authentication Schemes Using Smart Card for Multi-Server Environments

Xue Lei Li; Qiao Yan Wen; Wen Min Li; Hua Zhang; Zheng Ping Jin

doi:10.4028/www.scientific.net/AMM.543-547.3343

Paper Titles

Common Modeling Method for Simulation Training Software
p.3324

Research for Reusable Component Technology Base on Virtual Simulation System
p.3330

Wireless LAN Security Vulnerabilities and Improvement Measures
p.3335

A Test Case Reuse Strategy on GUI Software
p.3339

Analysis of the Dynamic ID-Based Remote User Authentication Schemes Using Smart Card for Multi-Server Environments
p.3343

Research on the Integration Testing of Foundational Software and Hardware
p.3348

Research on Large Equipment Resource Sharing Platform Virtual Network Based on OGSA
p.3352

Research on Testability Analysis Methods of Complex Embedded Software
p.3356

Research on Gray-Box Testing Methods for Software Fault Injection
p.3360

HomeApplied Mechanics and MaterialsApplied Mechanics and Materials Vols. 543-547Analysis of the Dynamic ID-Based Remote User...

Analysis of the Dynamic ID-Based Remote User Authentication Schemes Using Smart Card for Multi-Server Environments

Abstract:

In this paper, we analyze and point out several weaknesses in the dynamic ID-based remote user authentication schemes using smart card for multi-server environments, and present the countermeasures to enhance the security of the schemes. Taking Li et al.'s scheme for instance, we demonstrate that their scheme does not provide forward secrecy and key privacy for the session keys, and cannot resist offline password guessing attack. Furthermore, the reasons of these security weaknesses are analyzed through extending the attacks to its predecessors. Finally, the improved ideas of local verification and authenticated Diffie-Hellman key agreement are presented to overcome the weaknesses mentioned above.

You might also be interested in these eBooks

View Preview

Info:

Periodical:

Applied Mechanics and Materials (Volumes 543-547)

Pages:

3343-3347

DOI:

https://doi.org/10.4028/www.scientific.net/AMM.543-547.3343

Citation:

Cite this paper

Online since:

March 2014

Authors:

Xue Lei Li*, Qiao Yan Wen, Wen Min Li, Hua Zhang, Zheng Ping Jin

Keywords:

Authentication, Key Agreement, Multi-Server Architecture, Password, Smart Card

Export:

RIS, BibTeX

Price:

Permissions CCC:

Request Permissions

Permissions PLS:

Request Permissions

Сopyright:

Citation:

* - Corresponding Author

References

[1] Y. P Liao, S. S Wang, A Secure Dynamic ID Based Remote User Authentication Scheme for Multi-server Environment, Computer Standards & Interfaces, 31(2009), 24-29.

DOI: 10.1016/j.csi.2007.10.007

Google Scholar

[2] H. C Hsiang, W. K Shih, Improvement of the Secure Dynamic ID Based Remote User Authentication Scheme for Multi-server Environment, Computer Standards & Interfaces, 31(2009), 1118-1123.

DOI: 10.1016/j.csi.2008.11.002

Google Scholar

[3] C. C Lee, T. H Lin, Chang R.X., A Secure Dynamic ID Based Remote User Authentication Scheme for Multi-server Environment Using Smart Cards, Expert Systems with Applications, 38(2011), 13863-13870.

DOI: 10.1016/j.eswa.2011.04.190

Google Scholar

[4] X Li, J Ma, W. D Wang, Y. P Xiong, J. S Zhang, A Novel Smart Card and Dynamic ID Based Remote User Authentication Scheme for Multi-server Environments, Mathematical and Computer Modeling, 2012, DOI: 10. 1016/j. mcm. 2012. 06. 033.

DOI: 10.1016/j.mcm.2012.06.033

Google Scholar

[5] P Kocher, J Jaffe, B Jun, Differential Power Analysis, Advances in Cryptology-CRYPTO'99, LNCS 1666: 388-397, (1999).

DOI: 10.1007/3-540-48405-1_25

Google Scholar

[6] T. S Messerges, E. A Dabbish, R. H Sloan, Examining Smart-card Security under the Threat of Power Analysis Attacks, IEEE Transactions on Computers, 51(2002), 541-552.

DOI: 10.1109/tc.2002.1004593

Google Scholar

[7] X.F. Leng, Smart Card Application and Security, Information Security Technical Report, 14(2009), 36-45.

DOI: 10.1016/j.istr.2009.06.006

Google Scholar