Abstract
In 2009, Jena et al. proposed a novel remote user authentication scheme using smart card based on Elliptic Curve Discrete Logarithm Problem (ECDLP) and claimed that the proposed scheme withstands to security threats. This paper analyzes Jena et al.’s scheme and found that the proposed scheme does not support mutual authentication, session key generation phase for secure communication. In addition, in Jena et al.’s scheme, the user is not free to change his password and the login request is insufficient for the remote server to authenticate the legitimacy of a valid remote user over insecure channel. However, in this paper, we show that Jena et al.’s proposed scheme is neither correct nor ideal and also vulnerable to some serious security vulnerabilities.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Jena, D., Jena, S.K., Mohanty, D., Panigrahy, S.K.: A Novel Remote User Authentication Scheme Using Smart Card Based on ECDLP. In: Proceedings of the International Conference on Advanced Computer Control, January 22-24, pp. 246–249. IEEE Computer Society, Washington, DC (2009)
Lamport, L.: Password Authentication with Insecure Communication. Communication of the ACM, 24 11, 770–772 (1981)
Manoj, K.: New remote user authentication scheme with smart cards. IEEE Trans. Consumer Electronic 50-2, 597–600 (2004)
Manoj, K.: Some remarks on a remote user authentication scheme using smart cards with forward secrecy. IEEE Trans. Consumer Electronic 50-2, 615–618 (2004)
Manoj, K.: An Enhanced remote user authentication scheme with smart cards. International Journal of Network Security 10-3, 175–184 (2010)
Manoj, K.: A New Secure Remote User Authentication Scheme with Smart Cards. International Journal of Network Security 11-3, 112–118 (2010)
Manoj, K.: On the Security Vulnerabilities of a Hash Based Strong Password Authentication Scheme. Cryptology ePrint Archive: a publication of The International Association for Cryptologic Research (IACR), Santa Rosa Administrative Center, University of California, Santa Barbara, CA, 93106-6120, USA, Report-560 (2009), http://www.eprint.iacr.org/2009/560
Manoj, K.: On the Security of a Novel Remote User Authentication Scheme using Smart Card based on ECDLP. Cryptology ePrint Archive: a publication of The International Association for Cryptologic Research (IACR), Santa Rosa Administrative Center, University of California, Santa Barbara, CA, 93106-6120, USA, Report-138 (2010), http://www.eprint.iacr.org/2010/138
Shen, Z.H.: A new modified remote user authentication scheme using smart cards. Applied Mathematics 23-3, 371–376 (2008)
Tsai, C.S., Lee, C.C., Hwang, M.S.: Password Authentication Schemes: Current Status and Key Issues. International Journal of Network Security 3, 2, 101–115 (2006)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kumar, M., Balyan, A. (2010). Security Vulnerabilities of a Novel Remote User Authentication Scheme Using Smart Card Based on ECDLP. In: Ranka, S., et al. Contemporary Computing. IC3 2010. Communications in Computer and Information Science, vol 95. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-14825-5_22
Download citation
DOI: https://doi.org/10.1007/978-3-642-14825-5_22
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-14824-8
Online ISBN: 978-3-642-14825-5
eBook Packages: Computer ScienceComputer Science (R0)