Skip to main content
SpringerLink
Log in
Book cover

International Conference on Hybrid Information Technology

ICHIT 2011: Convergence and Hybrid Information Technology pp 482–487Cite as

Cryptanalysis of Nonce-Based Mutual Authentication Scheme Using Smart Cards

  • Conference paper

  • 1850 Accesses

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 6935))

Abstract

Recently, many user authentication schemes using smart cards have been proposed to improve the security weaknesses in user authentication process. In 2008, Liu et al. proposed a new mutual authentication scheme using smart cards which is based on nonce and can withstand the existing of forged attack. In this paper, we analyze the security weaknesses of Liu et al.’s scheme. Although Liu et al.’s scheme overcame the vulnerability of Shen et al.’s scheme, we have shown that Liu et al.’s scheme is still insecure against the Impersonation attack and password guessing attack, and does not provide the mutual authentication between the user and the remote server.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Yang, W.H., Shieh, S.P.: Password Authentication with smart cards. Computers and Security 18(8), 727–733 (1999)

    Article  Google Scholar 

  2. Fan, L., Li, L.H., Zhu, H.W.: An Enhancement of timestamp-based password Authentication Scheme. Computers and Security 21(7), 665–667 (2002)

    Article  Google Scholar 

  3. Shen, J.J., Lin, C.W., Hwang, M.S.: Security Enhancement for the timestamp-based password Authentication Scheme Using Smart Cards. Computers and Security 22(7), 591–595 (2003)

    Article  Google Scholar 

  4. Das, M.L., Sxena, A., Gulathi, V.P.: A Dynamic ID-based Remote User Authentication Scheme. IEEE Transactions on Consumer Electronics 50(2), 629–631 (2004)

    Article  Google Scholar 

  5. Chien, H.Y., Chen, C.H.: A Remote Password Authentication Preserving User Anonymity. In: Proceedings of the 19th International Conference on Advanced Information Networking and Applications, AINA 2005 (2005)

    Google Scholar 

  6. Yoon, E.J., Ryu, E.K., Yoo, K.Y.: Attack on the Shen et al.’s Timestamp-based Password Authentication Scheme Using Smart Cards. IEICE Transactions on Fundamentals E88-A(1), 319–321 (2005)

    Article  Google Scholar 

  7. Lin, C.W., Tsai, C.S., Hwang, M.S.: A New Strong-Password Authentication Scheme Using One-Way Hash Functions. Journal of Computer and Systems Sciences International 45(4), 623–626 (2006)

    Article  MathSciNet  MATH  Google Scholar 

  8. Bindu, C.S., Reddy, P.C.S., Satyanarayana, B.: Improved Remote User Authentication Scheme Preserving User Anonymity. International Journal of Computer Science and Network Security 8(3), 62–66 (2008)

    Google Scholar 

  9. Liu, J.Y., Zhou, A.M., Gao, M.X.: A New Mutual Authentication Scheme based on Nonce and Smart Cards. Computer Communications 31, 2205–2209 (2008)

    Article  Google Scholar 

  10. Kocher, P., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  11. Messerges, T.S., Dabbish, E.A., Sloan, R.H.: Examining Smart-Card Security under the Threat of Power Analysis Attacks. IEEE Transactions on Computers 51(5), 541–552 (2002)

    Article  MathSciNet  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Computer Media Information Engineering, Kangnam University, 111, Gugal-dong, Giheung-gu, Yongin-si, Gyounggi-do, 446.702, Korea

    Young-Hwa An & Youngdo Joo

Authors
  1. Young-Hwa An
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Youngdo Joo
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Computer Engineering Department, Hannam University, 70 Hannamro, Daedeuk-gu, Daejeon, Korea

    Geuk Lee

  2. QinetiQ Company Fellow, Howard Science Limited, 24 Sunrise, WR14 2NJ, Malvern, UK

    Daniel Howard

  3. University of Warsaw, 02-097, Warsaw, Poland

    Dominik Ślęzak

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

An, YH., Joo, Y. (2011). Cryptanalysis of Nonce-Based Mutual Authentication Scheme Using Smart Cards. In: Lee, G., Howard, D., Ślęzak, D. (eds) Convergence and Hybrid Information Technology. ICHIT 2011. Lecture Notes in Computer Science, vol 6935. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-24082-9_59

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-24082-9_59

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-24081-2

  • Online ISBN: 978-3-642-24082-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation