|
For Full-Text PDF, please login, if you are a member of IEICE,
or go to Pay Per View on menu list, if you are a nonmember of IEICE.
|
Improvement of an Efficient and Practical Solution to Remote Authentication: Smart Card
Her-Tyan YEH
Publication
IEICE TRANSACTIONS on Communications
Vol.E89-B
No.1
pp.210-211 Publication Date: 2006/01/01 Online ISSN: 1745-1345
DOI: 10.1093/ietcom/e89-b.1.210 Print ISSN: 0916-8516 Type of Manuscript: LETTER Category: Internet Keyword: remote authentication, smart card, network security, cryptography, data security,
Full Text: PDF(55.4KB)>>
Summary:
Recently, Chien et al. proposed an efficient timestamp-based remote user authentication scheme using smart cards. The main merits include: (1) user-independent server, i.e., there is no password or verification table kept in the server; (2) users can freely choose their passwords; (3) mutual authentication is provided between the user and the server; and (4) lower communication and computation cost. In this paper, we show that Chien et al.'s scheme is insecure against forgery attack because one adversary can easily pretend to be a legal user, pass the server's verification and login to the remote system successfully. An improved scheme is proposed that can overcome the security risk while still preserving all the above advantages.
|
|
|