Security Vulnerabilities of a Novel Remote User Authentication Scheme Using Smart Card Based on ECDLP

Kumar, Manoj; Balyan, Aayushi

doi:10.1007/978-3-642-14825-5_22

Manoj Kumar⁹ &
Aayushi Balyan¹⁰

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 95))

Included in the following conference series:

International Conference on Contemporary Computing

694 Accesses
1 Citations

Abstract

In 2009, Jena et al. proposed a novel remote user authentication scheme using smart card based on Elliptic Curve Discrete Logarithm Problem (ECDLP) and claimed that the proposed scheme withstands to security threats. This paper analyzes Jena et al.’s scheme and found that the proposed scheme does not support mutual authentication, session key generation phase for secure communication. In addition, in Jena et al.’s scheme, the user is not free to change his password and the login request is insufficient for the remote server to authenticate the legitimacy of a valid remote user over insecure channel. However, in this paper, we show that Jena et al.’s proposed scheme is neither correct nor ideal and also vulnerable to some serious security vulnerabilities.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Jena, D., Jena, S.K., Mohanty, D., Panigrahy, S.K.: A Novel Remote User Authentication Scheme Using Smart Card Based on ECDLP. In: Proceedings of the International Conference on Advanced Computer Control, January 22-24, pp. 246–249. IEEE Computer Society, Washington, DC (2009)
Google Scholar
Lamport, L.: Password Authentication with Insecure Communication. Communication of the ACM, 24 11, 770–772 (1981)
Article Google Scholar
Manoj, K.: New remote user authentication scheme with smart cards. IEEE Trans. Consumer Electronic 50-2, 597–600 (2004)
Google Scholar
Manoj, K.: Some remarks on a remote user authentication scheme using smart cards with forward secrecy. IEEE Trans. Consumer Electronic 50-2, 615–618 (2004)
Google Scholar
Manoj, K.: An Enhanced remote user authentication scheme with smart cards. International Journal of Network Security 10-3, 175–184 (2010)
Google Scholar
Manoj, K.: A New Secure Remote User Authentication Scheme with Smart Cards. International Journal of Network Security 11-3, 112–118 (2010)
Google Scholar
Manoj, K.: On the Security Vulnerabilities of a Hash Based Strong Password Authentication Scheme. Cryptology ePrint Archive: a publication of The International Association for Cryptologic Research (IACR), Santa Rosa Administrative Center, University of California, Santa Barbara, CA, 93106-6120, USA, Report-560 (2009), http://www.eprint.iacr.org/2009/560
Manoj, K.: On the Security of a Novel Remote User Authentication Scheme using Smart Card based on ECDLP. Cryptology ePrint Archive: a publication of The International Association for Cryptologic Research (IACR), Santa Rosa Administrative Center, University of California, Santa Barbara, CA, 93106-6120, USA, Report-138 (2010), http://www.eprint.iacr.org/2010/138
Shen, Z.H.: A new modified remote user authentication scheme using smart cards. Applied Mathematics 23-3, 371–376 (2008)
Google Scholar
Tsai, C.S., Lee, C.C., Hwang, M.S.: Password Authentication Schemes: Current Status and Key Issues. International Journal of Network Security 3, 2, 101–115 (2006)
Google Scholar

Download references

Author information

Authors and Affiliations

Department of Mathematics, Rashtriya Kishan Postgratute College, Meerut-Karnal Road, Shamli, 247776, District- Muzaffarnagar, India
Manoj Kumar
Junior Wing, St. Francis School Shamli, Panipat-Muzaffarnagar Road, Shamli, 247776, District- Muzaffarnagar, India
Aayushi Balyan

Authors

Manoj Kumar
View author publications
You can also search for this author in PubMed Google Scholar
Aayushi Balyan
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Dept. of Computer Sciences, University of Florida, 32611, Gainesville, FL, USA
Sanjay Ranka
University of Florida, Gainesville, Fl, USA
Arunava Banerjee
Department of Computer Science and Engineering, Indian Institute of Technology, 110016, New Delhi, INDIA
Kanad Kishore Biswas
Computer Science, College of Engineering and Science, Louisiana Tech University, LA 71272, Ruston, USA
Sumeet Dua
University of Florida, Gainesville, FL, USA
Prabhat Mishra
Department of Computer Science & Engineering, Indian Institute of Technology Kanpur, 208016, India
Rajat Moona
National Tsing Hua University, Hsin-Chu, Taiwan, R.O.C.
Sheung-Hung Poon
Department of Computer Science, The University of Hong Kong, Pokfulam Road, Hong Kong
Cho-Li Wang

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Kumar, M., Balyan, A. (2010). Security Vulnerabilities of a Novel Remote User Authentication Scheme Using Smart Card Based on ECDLP. In: Ranka, S., et al. Contemporary Computing. IC3 2010. Communications in Computer and Information Science, vol 95. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-14825-5_22

Download citation

DOI: https://doi.org/10.1007/978-3-642-14825-5_22
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-14824-8
Online ISBN: 978-3-642-14825-5
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics