Secure Dynamic Identity-Based Remote User Authentication Scheme

Sood, Sandeep K.; Sarje, Anil K.; Singh, Kuldip

doi:10.1007/978-3-642-11659-9_25

Sandeep K. Sood¹⁸,
Anil K. Sarje¹⁸ &
Kuldip Singh¹⁸

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 5966))

Included in the following conference series:

International Conference on Distributed Computing and Internet Technology

842 Accesses
7 Citations

Abstract

In 2000, Sun proposed an efficient smart card based remote user authentication scheme to improve the efficiency of Hwang and Li’s scheme. In 2002, Chien et al. demonstrated that Sun’s scheme only achieves unilateral user authentication so that only authentication server authenticates the legitimacy of the remote user and proposed a new remote user authentication scheme. In 2004, Hsu demonstrated that Chien et al.’s scheme is vulnerable to parallel session attack. In 2005, Lee et al. proposed an improved scheme to overcome this weakness while maintaining the merits of Chien et al.’s scheme. In 2005, Yoon and Yoo found that Lee et al.’s scheme is vulnerable to masquerading server attack and proposed an improved scheme. In 2009, Xu et al. demonstrated that Lee et al.’s scheme is vulnerable to offline password guessing attack and proposed an improved scheme. However, we found that Lee et al.’s scheme is also vulnerable to impersonation attack, malicious user attack and reflection attack. Moreover, Lee et al.’s scheme fails to protect the user’s anonymity in insecure communication channel. This paper presents an improved scheme to resolves the aforementioned problems, while keeping the merits of Lee et al.’s scheme.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Lamport, L.: Password Authentication with Insecure Communication. Communications of the ACM 24(11), 770–772 (1981)
Article MathSciNet Google Scholar
Hwang, M.S., Li, L.H.: A New Remote User Authentication Scheme using Smart Cards. IEEE Transactions on Consumer Electronics 46(1), 28–30 (2000)
Article Google Scholar
Sun, H.M.: An Efficient Remote User Authentication Scheme using Smart Cards. IEEE Transactions on Consumer Electronics 46(4), 958–961 (2000)
Article Google Scholar
Chien, H.Y., Jan, J.K., Tseng, Y.M.: An Efficient and Practical Solution to Remote Authentication: Smart Card. Computers & Security 21(4), 372–375 (2002)
Article Google Scholar
Ku, W.C., Chen, S.M.: Weaknesses and Improvements of an Efficient Password based Remote User Authentication Scheme using Smart Cards. IEEE Transactions on Consumer Electronics 50(1), 204–207 (2004)
Article Google Scholar
Hsu, C.L.: Security of Chien et al.’s Remote User Authentication Scheme using Smart Cards. Computer Standards & Interfaces 26(3), 167–169 (2004)
Article Google Scholar
Lee, S.W., Kim, H.S., Yoo, K.Y.: Improvement of Chien et al.’s Remote User Authentication Scheme using Smart Cards. Computer Standards & Interfaces 27(2), 181–183 (2005)
Article Google Scholar
Yoon, E., Yoo, K.: More Efficient and Secure Remote User Authentication Scheme using Smart Cards. In: Proc. of 11th International Conference on Parallel and Distributed System, vol. 2, pp. 73–77 (2005)
Google Scholar
Kim, S.K., Chung, M.G.: More Secure Remote User Authentication Scheme. Computer Communications 32(6), 1018–1021 (2009)
Article Google Scholar
Xu, J., Zhu, W.T., Feng, D.G.: An Improved Smart Card based Password Authentication Scheme with Provable Security. Computer Standards & Interfaces 31(4), 723–728 (2009)
Article Google Scholar
Kocher, P., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)
Chapter Google Scholar
Messerges, T.S., Dabbish, E.A., Sloan, R.H.: Examining Smart-Card Security under the Threat of Power Analysis Attacks. IEEE Transactions on Computers 51(5), 541–552 (2002)
Article MathSciNet Google Scholar

Download references

Author information

Authors and Affiliations

Department of Electronics & Computer Engineering, Indian Institute of Technology, Roorkee, India
Sandeep K. Sood, Anil K. Sarje & Kuldip Singh

Authors

Sandeep K. Sood
View author publications
You can also search for this author in PubMed Google Scholar
Anil K. Sarje
View author publications
You can also search for this author in PubMed Google Scholar
Kuldip Singh
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

International Institute for Software Technology, Center for Electronic Governance, United Nations University, P.O. Box 3058, Macau, Japan
Tomasz Janowski
Department of Computer and Information Sciences, Central University PO, University of Hyderabad, 500 046, Hyderabad, AP, India
Hrushikesha Mohanty

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Sood, S.K., Sarje, A.K., Singh, K. (2010). Secure Dynamic Identity-Based Remote User Authentication Scheme. In: Janowski, T., Mohanty, H. (eds) Distributed Computing and Internet Technology. ICDCIT 2010. Lecture Notes in Computer Science, vol 5966. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-11659-9_25

Download citation

DOI: https://doi.org/10.1007/978-3-642-11659-9_25
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-11658-2
Online ISBN: 978-3-642-11659-9
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics