skip to main content
10.1145/1968613.1968750acmconferencesArticle/Chapter ViewAbstractPublication PagesicuimcConference Proceedingsconference-collections
research-article

A smart card based user authentication scheme for multi-server environment

Published: 21 February 2011 Publication History

Abstract

There are many severs that provide various services in the Internet. A user authentication scheme for these servers is a precondition. User authentication schemes are many studied by researchers for a multi-server environment. But user authentication doesn't secure safety in a multi-server environment that exist many servers by currently used authentication. Because we can't prove that all servers are safe, there are a variety of attacks like a Server spoofing, Password or Verification table attack, User Impersonation attack and Reply attack. To solve these problems, existing paper proposed various schemes using a public key algorithm, one-way hash function and mixed them together. And recently, more efficient authentication schemes are proposed by Tsai, Liao-Wang and Wang-Juang-Lei. However, Tsai's and Liao-Wang's scheme have an impersonation attack and a server spoofing. Wang-Juang-Lei's scheme has a password synchronization problem. And their's also can't ensure a forward secrecy. In this paper, we designed to be registered the unique value of its own into the Smart Card at the Registration phase for secure communication between the Smart card and user. This value SCV is encoded by operating the hash function. And because of this value, even if communication data is exposed between the Smart Card and User, however, can ensure safety. And also to solve a password synchronization problem, our scheme is designed safely, even if isn't continuously changed the password. And our proposed method use only one-way hash function. Thus, we can ensure more efficient and high safety than in the existing method.

References

[1]
C. C. Chang and T. C. Wu, Remote password authentication with smart cards, IEEE Proc. 138, 3(May 1991), 165--168.
[2]
K.Chan and L. M. Cheng, Cryptanalysis of a remote user authentication scheme using smart cards, IEEE Trans. Consum. Electron. 46(2000), 992--993.
[3]
J. J. Shen, C. W. Lin and M. S. Hwang, A modified remote user authentication scheme using smart cards, IEEE Trans. Consum. Electron 49, 2(2003), 414--416.
[4]
K. C. Leung, L. M. Cheng, A. S. Fong and C. K. Chan, Cryptanalysis of a modified remote user authentication scheme using smart cards, IEEE Trans. Consum. Electron 49, 4(2003), 1243--1245.
[5]
W. C. Ku and S. T. Chang, Impersonation attack on a dynamic ID-based remote user authentication scheme using smart cards, IEICE Trans. Commun. 5, (2005).
[6]
W. S. Juang, Efficient password authenticated key agreement using smart cards, Computer & Secureity, 23, (March 2004) 167--173.
[7]
J. L. Tsai, Efficient multi-server authentication scheme based on one-way hash function without verification table, Computer & Security, 27, 3--4, (May-Jun 2008), 115--121.
[8]
Y. P. Liao and S. S. Wang, A secure dynamic ID based remote user authentication scheme for multi-server environment, Computer Standards & Interfaces, 31, 1(Jan 2009), 24--29.
[9]
T. Y. Chen, M. S. Hwang, C. C. Lee and J. K. Jan, Cryptanalysis of a secure dynamic ID based remote user authentication scheme for multi-server environment, in: Proceedings of the International Conference on Innovative Computing, Information and Control. (December, 2009). ICICIC'2009. Taiwan, Kaohsiung, pp. 725--728.
[10]
R. C. Wang, W. S. Juang and C. L. Lei, User Authentication Scheme with Privacy-Preservation for Multi-Server Environment, IEEE COMMUNICATION LETTER, 13, 2(Feb 2009), 157--159.
[11]
X.T, R. W. Zhu and D. S. Wong, Improved efficient remote user authentication schemes, Int. J. Netw. Secur. 4, 2(2007), 149--154.

Index Terms

  1. A smart card based user authentication scheme for multi-server environment

    Recommendations

    Comments

    Information & Contributors

    Information

    Published In

    cover image ACM Conferences
    ICUIMC '11: Proceedings of the 5th International Conference on Ubiquitous Information Management and Communication
    February 2011
    959 pages
    ISBN:9781450305716
    DOI:10.1145/1968613
    Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

    Sponsors

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    Published: 21 February 2011

    Permissions

    Request permissions for this article.

    Check for updates

    Author Tags

    1. hash function
    2. multi-server
    3. smart card
    4. user authentication

    Qualifiers

    • Research-article

    Funding Sources

    Conference

    ICUIMC '11
    Sponsor:

    Acceptance Rates

    ICUIMC '11 Paper Acceptance Rate 135 of 534 submissions, 25%;
    Overall Acceptance Rate 251 of 941 submissions, 27%

    Contributors

    Other Metrics

    Bibliometrics & Citations

    Bibliometrics

    Article Metrics

    • 0
      Total Citations
    • 208
      Total Downloads
    • Downloads (Last 12 months)2
    • Downloads (Last 6 weeks)0
    Reflects downloads up to 19 Feb 2025

    Other Metrics

    Citations

    View Options

    Login options

    View options

    PDF

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader

    Figures

    Tables

    Media

    Share

    Share

    Share this Publication link

    Share on social media