Skip to main content
Springer Nature Link
Log in

Analysis and Improvement of an Authentication Scheme Using Smart Cards

  • Conference paper
Quality, Reliability, Security and Robustness in Heterogeneous Networks (QShine 2013)

  • 2788 Accesses

Abstract

In 2010, Sood et al [16] proposed a secure dynamic identity based authentication scheme using smart cards. They claimed that their scheme is secure against various attacks. In this paper, we demonstrate that their scheme is completely insecure and vulnerable to outsider attack as well as insider attack. An outsider attacker can obtain the common session key between the user and the server, while an insider attacker can get not only the session key but also the secret key of the server. Therefore, the entire system collapses. To remedy these security flaws, an improved scheme is proposed to withstand these attacks.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Awasthi, A.K.: Comment on a dynamic id-based remote user authentication scheme. Transaction on Cryptology 1(2), 15–16 (2004)

    MathSciNet  Google Scholar 

  2. Chien, H.-Y., Chen, C.H.: A remote authentication scheme preserving user anonymity. Proc. Advanced Information Networking and Applications 2, 245–248 (2005)

    Article  Google Scholar 

  3. Chien, H.-Y., Jan, J.-K., Tseng, Y.-M.: An efficient and practical solution to remote authentication: smart card. Computers and Security 21(4), 372–375 (2002)

    Article  Google Scholar 

  4. Das, M.L., Saxena, A., Gulati, V.P.: A dynamic id-based remote user authentication scheme. IEEE Transactions on Consumer Electronics 50(2), 629–631 (2004)

    Article  Google Scholar 

  5. He, D., Wu, S.: Security flaws in smart card based authentication scheme for multi server environment. Wireless Personal Communications (2012) (0929-6212)

    Google Scholar 

  6. Hwang, M.-S., Li, L.H.: A new remote user authentication scheme using smart cards. IEEE Transactions on Consumer Electronics 46(1), 28–30 (2000)

    Article  Google Scholar 

  7. Kocher, P.C., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  8. Ku, W.-C., Chang, S.-T.: Impersonation attack on dynamic id-based remote user authentication scheme using smart cards. IEICE, Transactions on Communications E88-B(5), 2165–2167 (2005)

    Article  Google Scholar 

  9. Lamport, L.: Password authentication with insecure communication. Communication of the ACM 24(11), 770–772 (1981)

    Article  MathSciNet  Google Scholar 

  10. Liao, I.-E., Lee, C.-C., Hwang, M.-S.: Security enhancement for a dynamic id-based remote user authentication scheme. Proc. Conference on Next Generation Web Services Practice, 437–440 (2005)

    Google Scholar 

  11. Liou, Y., Lin, J., Wang, S.: A new dynamic id-based remote user authentication scheme using smart cards. In: Proc. 16th Information Security Conference, Taiwan, pp. 198–205 (July 2006)

    Google Scholar 

  12. Liu, J., Zhong, S.: Analysis of kim-jeon-yoo password authentication scheme. Cryptologia 33(2), 183–187 (2009)

    Article  Google Scholar 

  13. Messerges, T.S., Dabbish, E.A., Sloan, R.H.: Examining smart card security under the threat of power analysis attacks. IEEE Transactions on Computers 51(5), 541–552 (2002)

    Article  MathSciNet  Google Scholar 

  14. Pelaez, R.M., Novella, F.R.: Cryptanalysis of sood et al’s authentication scheme using smart cards. IACR Cryptology ePrint Archive (386) (July 2012)

    Google Scholar 

  15. Snih, H.C.: Cryptanalysis on two password authentication schemes. In: Labortary of Cryptography and Information Security. National Central University, Taiwan (2008)

    Google Scholar 

  16. Sood, S.K., Sarje, A.K., Singh, K.: An improvement of liao et al’s authentication scheme using smard cards. In: Proc. IEEE 2nd International Advance Computing Conference, pp. 240–245 (February 2010)

    Google Scholar 

  17. Yoon, E.-J., Yoo, K.-Y.: Improving the dynamic ID-based remote mutual authentication scheme. In: Meersman, R., Tari, Z., Herrero, P. (eds.) OTM 2006 Workshops. LNCS, vol. 4277, pp. 499–507. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Applied Mathematics, Gautam Buddha University, Greater Noida, 201308, UP, India

    Sonam Devgan Kaul & Amit K. Awasthi

Authors
  1. Sonam Devgan Kaul
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Amit K. Awasthi
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Gautam Buddha University, Greater Noida, 201310, India

    Karan Singh  & Amit K. Awasthi  & 

Rights and permissions

Reprints and permissions

Copyright information

© 2013 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Kaul, S.D., Awasthi, A.K. (2013). Analysis and Improvement of an Authentication Scheme Using Smart Cards. In: Singh, K., Awasthi, A.K. (eds) Quality, Reliability, Security and Robustness in Heterogeneous Networks. QShine 2013. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 115. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-37949-9_63

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-37949-9_63

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-37948-2

  • Online ISBN: 978-3-642-37949-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation