Cryptanalysis and improvement of Chen-Hsiang-Shih's remote user authentication scheme using smart cards

Martínez-Peláez, Rafael; Rico-Novella, Francisco; Velarde-Alvarado, Pablo
September 2013
Revista Facultad de Ingenieria Universidad de Antioquia;sep2013, Issue 68, p27
Academic Journal
Recently, Chen-Hsiang-Shih proposed a new dynamic ID-based remote user authentication scheme. The authors claimed that their scheme was more secure than previous works. However, this paper demonstrates that their scheme is still unsecured against different kinds of attacks. In order to enhance the security of the scheme proposed by Chen-Hsiang-Shih, a new scheme is proposed. The scheme achieves the following security goals: without verification table, each user chooses and changes the password freely, each user keeps the password secret, mutual authentication, the scheme establishes a session key after successful authentication, and the scheme maintains the user's anonymity. Security analysis and comparison demonstrate that the proposed scheme is more secure than Das-Saxena-Gulati's scheme, Wang et al.'s scheme and Chen-Hsiang-Shih.


Related Articles

  • An Efficient Remote User Authentication with Key Agreement Scheme Using Elliptic Curve Cryptography. Huang, Baojun; Khan, Muhammad; Wu, Libing; Muhaya, Fahad; He, Debiao // Wireless Personal Communications;Nov2015, Vol. 85 Issue 1, p225 

    As the internet technology's evolution, identity authentication in the network is becoming more and more significant. In 2014, Qu et al. proposed a two-factor remote mutual authentication and key agreement scheme. They pointed out that their scheme could withstand smart card loss attack, offline...

  • Robust smart-cards-based user authentication scheme with user anonymity. Wu, Shuhua; Zhu, Yuefei; Pu, Qiong // Security & Communication Networks;Feb2012, Vol. 5 Issue 2, p236 

    In this paper, we mainly investigate anonymous user authentication scheme using smart card. We first demonstrate security weaknesses still exist in two such schemes recently propose by Wang et al. and Tsai et al., respectively according to Wang et al.'s criteria. Thereafter, we propose an...

  • Efficient techniques of key management and quantum cryptography in RFID networks. Thayananthan, Vijey; Alzahrani, Ahmed; Qureshi, Muhammad Shuaib // Security & Communication Networks;Mar2015, Vol. 8 Issue 4, p589 

    An efficient way of handling security keys using quantum cryptography (QC) for increasing security in radio frequency identification (RFID) networks is being investigated by network security industries. To establish secure RFID network, communication between any two nodes that hold RFID tags...

  • An efficient biometric-based privacy-preserving three-party authentication with key agreement protocol using smart cards. Odelu, Vanga; Das, Ashok Kumar; Goswami, Adrijit // Security & Communication Networks;Dec2015, Vol. 8 Issue 18, p4136 

    In communication systems, authentication protocols play an important role in protecting sensitive information against a malicious adversary by means of providing a variety of services such as mutual authentication, user credentials' privacy, and user revocation facility when the smart card of...

  • Analyses of several recently proposed group key management schemes. Liu, Niu; Tang, Shaohua; Xu, Lingling; He, Daojing // Security & Communication Networks;Jan2015, Vol. 8 Issue 2, p136 

    ABSTRACT Designing group key management schemes is a troubled field. In this paper, we review three schemes recently proposed, including Kayam's scheme for groups with hierarchy, Piao's group key management (KM) scheme, Purushothama's group KM schemes. We point out the problems in each scheme....

  • Security Analysis and Improvements of Two-Factor Mutual Authentication with Key Agreement in Wireless Sensor Networks. Jiye Kim; Donghoon Lee; Woongryul Jeon; Youngsook Lee; Dongho Won // Sensors (14248220);Apr2014, Vol. 14 Issue 4, p6443 

    User authentication and key management are two important security issues in WSNs (Wireless Sensor Networks). In WSNs, for some applications, the user needs to obtain real-time data directly from sensors and several user authentication schemes have been recently proposed for this case. We found...

  • Enhanced Two-Factor Authentication and Key Agreement Using Dynamic Identities in Wireless Sensor Networks. I-Pin Chang; Tian-Fu Lee; Tsung-Hung Lin; Chuan-Ming Liu // Sensors (14248220);Dec2015, Vol. 15 Issue 12, p29841 

    Key agreements that use only password authentication are convenient in communication networks, but these key agreement schemes often fail to resist possible attacks, and therefore provide poor security compared with some other authentication schemes. To increase security, many authentication and...

  • Novel Untraceable Authenticated Key Agreement Protocol Suitable for Mobile Communication. Chang, Chin-Chen; Le, Hai-Duong; Chang, Ching-Hsiang // Wireless Personal Communications;Jul2013, Vol. 71 Issue 1, p425 

    Communication network has grown to the stage where it becomes ubiquitous. It allows us to access to on-line services at anytime, anywhere and by any devices. This brings out new services, that was previous only accessible via computers, now are available on mobile devices such as e-commerce...

  • An Enhanced Robust and Efficient Password-Authenticated Key Agreement Using Smart Cards. Wen-Chung Kuo; Kai Chain; Jiin-Chiou Cheng; Jar-Ferr Yang // International Journal of Security & Its Applications;Apr2012, Vol. 6 Issue 2, p127 

    Although the smart card brings conveniences, it also increases the risk in the case of lost cards. When the smart card is possessed by an attacker, the attacker will possibly attempt to analyze the secret information within the smart card to deduce the authentication mechanism of the server and...


Read the Article


Sorry, but this item is not currently available from your library.

Try another library?
Sign out of this library

Other Topics