|
For Full-Text PDF, please login, if you are a member of IEICE,
or go to Pay Per View on menu list, if you are a nonmember of IEICE.
|
Impersonation Attack on a Dynamic ID-Based Remote User Authentication Scheme Using Smart Cards
Wei-Chi KU Shen-Tien CHANG
Publication
IEICE TRANSACTIONS on Communications
Vol.E88-B
No.5
pp.2165-2167 Publication Date: 2005/05/01 Online ISSN:
DOI: 10.1093/ietcom/e88-b.5.2165 Print ISSN: 0916-8516 Type of Manuscript: LETTER Category: Fundamental Theories for Communications Keyword: dynamic ID, impersonation attack, password authentication, reparability, smart card,
Full Text: PDF(56.6KB)>>
Summary:
Recently, Das et al. proposed a dynamic ID-based verifier-free password authentication scheme using smart cards. To resist the ID-theft attack, the user's login ID is dynamically generated and one-time used. Herein, we demonstrate that Das et al.'s scheme is vulnerable to an impersonation attack, in which the adversary can easily impersonate any user to login the server at any time. Furthermore, we also show several minor weaknesses of Das et al.'s scheme.
|
|
|