|
For Full-Text PDF, please login, if you are a member of IEICE,
or go to Pay Per View on menu list, if you are a nonmember of IEICE.
|
Security Analysis of a Nonce-Based User Authentication Scheme Using Smart Cards
Junghyun NAM Seungjoo KIM Sangjoon PARK Dongho WON
Publication
IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences
Vol.E90-A
No.1
pp.299-302 Publication Date: 2007/01/01 Online ISSN: 1745-1337
DOI: 10.1093/ietfec/e90-a.1.299 Print ISSN: 0916-8508 Type of Manuscript: LETTER Category: Information Security Keyword: distributed system, authentication scheme, password, smart card, parallel session attack, denial of service attack,
Full Text: PDF(98.6KB)>>
Summary:
A remote user authentication scheme is a two-party protocol whereby an authentication server in a distributed system confirms the identity of a remote individual logging on to the server over an untrusted, open network. Recently, Lee et al. have proposed an efficient nonce-based scheme for remote user authentication using smart cards. This work reviews Lee et al.'s authentication scheme and provides a security analysis on the scheme. Our analysis shows that Lee et al.'s scheme does not achieve its basic aim of authenticating remote users and furthermore has a very hazardous method for changing passwords. In addition, we recommend some changes to the scheme so that it can attain at least its main security goal.
|
open access publishing via
|
|
|
|
|
|
|
|