Cryptanalysis and an Improvement of New Remote Mutual Authentication Scheme using Smart Cards

@article{Karuppiah2015CryptanalysisAA,
  title={Cryptanalysis and an Improvement of New Remote Mutual Authentication Scheme using Smart Cards},
  author={Marimuthu Karuppiah and R. Saravanan},
  journal={Journal of Discrete Mathematical Sciences and Cryptography},
  year={2015},
  volume={18},
  pages={623 - 649}
}
Abstract In this paper, the security of a remote user mutual authentication scheme using smart cards proposed by Rajaram et al., [Rajaram R, Amutha Prabakar M, New Remote Mutual Authentication Scheme using Smart Cards, Transactions on Data Privacy, 2(2009): 141--152] is analysed. We show that Rajaram et al., scheme is still vulnerable to user impersonation attacks, off-line password guessing attacks and time synchronization problem. Moreover, the scheme does not provide an option to change or… Expand
Cryptanalysis and Improvement of a Secure Mutual Authentication Scheme for Remote Users
TLDR
The proposed secure authentication scheme by Marimuthu Karuppiah et al. is proved to be safe, from diverse attacks, together with the attacks that have been observed in the previous scheme’s security analysis. Expand
Secure Remote User Mutual Authentication Scheme with Key Agreement for Cloud Environment
TLDR
This paper demonstrates the security limitations of a recently proposed password based authentication scheme, and shows that the scheme is still vulnerable to forgery and offline password guessing attacks and it is also unable to provide user anonymity, forward secrecy and mutual authentication. Expand
Remote user authentication scheme using smart card: a review
  • M. Karuppiah
  • Computer Science
  • Int. J. Internet Protoc. Technol.
  • 2016
TLDR
All the security requirements and all the goals an ideal remote user authentication scheme should satisfy and achieve are defined and presented. Expand
SPAS: An Authentication Scheme to Prevent Unauthorized Access of Information from Smart Card
Nowadays internet has become indispensable part of one’s life. Therefore, security and privacy are of critical concern to retain user’s confidence in network services and applications. SeveralExpand
Design of a secure anonymity-preserving authentication scheme for session initiation protocol using elliptic curve cryptography
TLDR
There is a need to propose a secure ECC-based authentication scheme with user anonymity for SIP to overcome the shortcomings of Lu et al. Expand
A privacy preserving biometric-based three-factor remote user authenticated key agreement scheme
TLDR
A novel AKA protocol is proposed, which can overcome the weaknesses of Li et al.'s scheme without losing its original merits, and is secure against various known attacks including the attacks found in Li et-al. Expand
Security on "Secure Remote Login Scheme with Password and Smart Card Update Facilities"
TLDR
This paper demonstrates that the proposed new authentication scheme to access remote server over insecure channels is still vulnerable to various malicious attacks and is aslo unable to provide several essential security properties. Expand
Enhancing Biometric and Mutual Verification in Multi-server Three-factor User Remote Authentication Scheme with Elliptic Curve Cryptography
TLDR
A novel protocol using more secure and efficient building element, elliptic curve cryptography (ECC), to create the shared keys among the three parties, in which the remote server can verify biometric information and RC can confirm the registrations. Expand
A secure authentication and key agreement scheme for roaming service with user anonymity
TLDR
A secure and efficient authentication and key agreement scheme for global mobility networks based on the elliptic curve cryptosystem is proposed that not only withstands various security attacks but also improves the efficiency by reducing the computational costs. Expand
Security analysis for chaotic maps-based mutual authentication and key agreement using smart cards for wireless networks
  • A. Shakiba
  • Computer Science
  • Journal of Information and Optimization Sciences
  • 2019
TLDR
This paper will enhance this protocol by applying fixes to these vulnerabilities and state a set of security requirements for it, and investigate the computational complexity of the enhanced protocol and efficient ways to compute the iterations of the first type of Chebyshev polynomials. Expand
...
1
2
...

References

SHOWING 1-10 OF 78 REFERENCES
Improvement of robust smart-card-based password authentication scheme
TLDR
This work proposes an improved authentication protocol, which inherits the merits of the scheme of Chen et al. and is free from the security flaw of their scheme, and provides more security guarantees while keeping efficiency. Expand
A secure remote user mutual authentication scheme using smart cards
TLDR
Through careful cryptanalysis, it is found that Yang et al.'s scheme is not repairable, and cannot achieve mutual authentication and session key agreement, so a new remote user authentication scheme with smart card is proposed. Expand
Secure Dynamic Identity-Based Authentication Scheme Using Smart Cards
  • S. Sood
  • Computer Science
  • Inf. Secur. J. A Glob. Perspect.
  • 2011
TLDR
Wang et al.'s scheme is found to be susceptible to impersonation attack, stolen smart card attack, offline password guessing attack, denial of service attack and fails to preserve the user anonymity. Expand
Robust smart-card-based remote user password authentication scheme
TLDR
An improved and efficient smart-card-based password authentication and key agreement scheme that not only maintains the original secret requirement but also achieves mutual authentication and withstands the stolen-smart-card attack. Expand
Cryptanalysis of a Remote User Authentication Scheme Using Smart Cards
TLDR
This paper gives a cryptanalysis of the Liaw et al. remote user authentication scheme and presents that the scheme is vulnerable and insecure against at least four kinds of attack, including the offline password guessing attack, two impersonation attacks, the intruder-in-the-middle attack and the denial-of-service attack. Expand
Cryptanalysis and security enhancement of a remote user authentication scheme using smart cards
TLDR
A robust dynamic ID-based scheme based on non-tamper resistance assumption of the smart cards is presented to cope with the aforementioned defects, while preserving the merits of different related schemes. Expand
An improved smart card based password authentication scheme with provable security
TLDR
This work shows that smart card based password authentication scheme and remote user authentication scheme are both subject to forgery attacks provided that the information stored in the smart card is disclosed by the adversary. Expand
Cryptanalysis and improvement on two efficient remote user authentication scheme using smart cards
TLDR
It is shown that both Ku et al.'s scheme and Yoon et al.'s scheme are still vulnerable to the guessing attack, forgery attack and denial of service (DoS) attack, and their schemes lack efficiency when users input wrong passwords. Expand
Secure password-based remote user authentication scheme with non-tamper resistant smart cards
TLDR
A robust scheme with a brief analysis is presented to overcome the identified drawbacks and it is shown that Li et al.'s scheme still cannot withstand offline password guessing attack under the non-tamper resistance assumption of the smart card. Expand
Security flaws in two improved remote user authentication schemes using smart cards
TLDR
This paper analyzes two recent proposals in the area of password-based remote user authentication using smart cards and puts forward three general principles that are vital for designing secure smart-card-based password authentication schemes. Expand
...
1
2
3
4
5
...