Skip to main content
SpringerLink
Log in

Remote Authentication with Forward Security

  • Conference paper
Autonomic and Trusted Computing (ATC 2006)

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 4158))

Included in the following conference series:

Abstract

Password authentication has been accepted as an easy-to-use solution in network environment to protect unauthorized access to a remote server. Although many schemes have been proposed, none of them can achieve survivability in case of compromise of a server. Once a server’s secret key is leaked, the system is totally broken, and all the legally registered users have to be rejected for security reason, which is the most undesirable tragedy in business applications. In this paper, we propose a remote authentication scheme with forward security to reduce the potential damages caused by key exposure problem in authentication schemes. In our scheme, an intruder can not masquerade as an legal user registered at previous periods even if he has obtained server’s secret keys.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Liao, I.E., Lee, C.C., Hwang, M.S.: A password authentication scheme over insecure networks. J. Comput. System Sci. (2005)

    Google Scholar 

  2. Awasthi, A.K., Lal, S.: A remote user authentication scheme using smart cards with forward secrecy. IEEE Trans. Consum. Electron. 49(4), 1246–1248 (2003)

    Article  Google Scholar 

  3. Chang, Y.F., Chang, C.C.: A secure and efficient strong-password authentication protocol. ACM SIGOPS Operating Systems Review 38(3), 79–90 (2004)

    Article  Google Scholar 

  4. Chan, C.K., Cheng, L.M.: Cryptanalysis of a remote user authentication scheme using smart cards. IEEE Trans. Consum. Electron. 46(4), 992–993 (2000)

    Article  Google Scholar 

  5. Chien, H.Y., Chen, C.H.: A remote authentication scheme preserving user anonymity. In: Proceedings of the 19th International Conference on Advanced Information Networking and Applications - AINA 2005, pp. 245–248 (2005)

    Google Scholar 

  6. Chan, C.C., Hwang, K.F.: Some forgery attacks on a remote user authentication scheme using smart cards. Informatics 14(3), 289–294 (2003)

    Google Scholar 

  7. Chien, H.Y., Jan, J., Tseng, Y.: An efficient and practical solution to remote authentication: smart card. Computer Security 21(4), 372–375 (2002)

    Article  Google Scholar 

  8. Hsu, C.L.: Security of Chien et al.’s remote user authentication scheme using smart cards. Computer Standards and Inerfaces 26(3), 167–169 (2004)

    Article  Google Scholar 

  9. Lee, S.W., Kim, H.S., Yoo, K.Y.: Improvement of Chien et al. ’s remote user authentication scheme using smart cards. Computer Standards and Inerfaces 27, 181–183 (2005)

    Article  Google Scholar 

  10. Chang, C.C., Wu, T.C.: Remote password authentication with smart cards. IEEE Proceddings 138(3), 165–168 (1993)

    Google Scholar 

  11. Das, M.L., Saxena, A., Gulati, V.P.: A dynamic ID-based remote user authentication scheme. IEEE Trans. Consum. Electron. 50(2), 629–631 (2004)

    Article  Google Scholar 

  12. Hwang, M.S., Lee, C.C., Tang, Y.L.: A simple remote user authentication scheme. Math. Comput. Model. 36, 103–107 (2002)

    Article  MATH  MathSciNet  Google Scholar 

  13. Hwang, M.S., Li, L.H.: A new remote user authentication scheme using smart cards. IEEE Trans. Consum. Electron. 46(1), 28–30 (2000)

    Article  Google Scholar 

  14. Lamport, L.: Password authentication with insecure communication. Communication of ACM 24(11), 770–772 (1981)

    Article  MathSciNet  Google Scholar 

  15. Lu, R.X., Cao, Z.F.: Efficient remote user authentication scheme using smart card. Computer Networks 49(4), 535–540 (2005)

    Article  MATH  Google Scholar 

  16. Leung, K.C., Cheng, L.M., Fong, A.S., Chan, C.K.: Cryptanalysis of a modified remote user authentication scheme using smart cards. IEEE Trans. Consum. Electron. 49(4), 1243–1245 (2003)

    Article  Google Scholar 

  17. Sun, H.M.: An efficient remote user authentication scheme using smart cards. IEEE Trans. Consum. Electron. 46(4), 958–961 (2000)

    Article  Google Scholar 

  18. Shen, J.J., Lin, C.W., Hwang, M.S.: A modified remote user authentication scheme using smart cards. IEEE Trans. Consum. Electron. 49(2), 414–416 (2003)

    Article  Google Scholar 

  19. Yang, W.H., Shieh, S.P.: Password authentication schemes with smart card. Computer Security 18(8), 727–733 (1999)

    Article  Google Scholar 

  20. Chan, C.K., Cheng, L.M.: Cryptanalysis of timestamp-based password authentication scheme. Computers & Security 21(1), 74–76 (2002)

    Article  Google Scholar 

  21. Fan, L., Li, J.H., Zhu, H.W.: An enhancement of timestamp-based password authentication scheme. Computers & Security 21(7), 665–667 (2002)

    Article  Google Scholar 

  22. Shen, J.J., Lin, C.W., Hwang, M.S.: Security enhancement for the timestamp-based password authentication scheme using smart cards. Computers & Security 22(7), 591–595 (2003)

    Article  Google Scholar 

  23. Wu, S.T., Chieu, B.C.: A user friendly remote authentication scheme with smart cards. Computers & Security 22(6), 547–550 (2003)

    Article  Google Scholar 

  24. Yang, C.C., Wang, R.C.: Cryptanalysis of a user friendly remote authentication scheme with smart cards. Computers & Security 23, 425–427 (2004)

    Article  Google Scholar 

  25. Chen, C.M., Ku, W.C.: Stolen-verifier attack on two new strong-password authentication protocal. IEICE Transactions on Communications E85-B(11), 2519–2521 (2002)

    Google Scholar 

  26. Kwon, T., Song, J.: Efficient and secure password-based authentication protocols against guessing attacks. Computer Communications 21, 853–861 (1998)

    Article  Google Scholar 

  27. MacKenzie, P., Shrimpton, T., Jakobsson, M.: Threshold password-authentication key exchange. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 385–400. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  28. Raimonodo, M.D., Gennaro, R.: Provably secure threshold password authenticated key exchange. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656. Springer, Heidelberg (2003)

    Google Scholar 

  29. Chai, Z.C., Cao, Z.F.: Factoring-Based Proxy Signature Schemes with Forward-Security. In: Zhang, J., He, J.-H., Fu, Y. (eds.) CIS 2004. LNCS, vol. 3314, pp. 1034–1040. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  30. Gunther, C.G.: An identity-based key-exchange protocol. In: Quisquater, J.-J., Vandewalle, J. (eds.) EUROCRYPT 1989. LNCS, vol. 434, pp. 29–37. Springer, Heidelberg (1990)

    Google Scholar 

  31. Abdalla, M., Miner, S., et al.: Forward-secure Threshold Signature Scheme. RSA 2001 (2001)

    Google Scholar 

  32. Abdalla, M., Reyzin, L.: A New Forward-Secure Digital Signature Scheme. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, p. 116. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  33. Bellare, M., Miner, S.: A forward-secure digital signature scheme. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, p. 431. Springer, Heidelberg (1999)

    Google Scholar 

  34. Damgard, I.: A Design Principle for Hash Functions. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 416–427. Springer, Heidelberg (1990)

    Google Scholar 

  35. Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM 21(2), 120–126 (1978)

    Article  MATH  MathSciNet  Google Scholar 

  36. Guillou, L., Quisquater, J.: A practical zero-knowledge protocol fitted to security microprocessor minimizing both transmisson and memory. In: Günther, C.G. (ed.) EUROCRYPT 1988. LNCS, vol. 330, pp. 123–128. Springer, Heidelberg (1988)

    Google Scholar 

  37. Lee, S.W., Kim, H.S., Yoo, K.Y.: Comment on a remote user authentication scheme using smart cards with forward secrecy. IEEE Tran. on Consumer Electronics 50(2), 576–577 (2004)

    Article  Google Scholar 

  38. Kumar, M.: Some remarks on a remote user authentication scheme using smart cards with forward secrecy. IEEE Tran. on Consumer Electronics 50(2), 615–618 (2004)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, Shanghai Jiaotong University, 1954 Huashan Road, Shanghai, 200030, P.R. China

    Zhenchuan Chai, Zhenfu Cao & Rongxing Lu

Authors
  1. Zhenchuan Chai
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Zhenfu Cao
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Rongxing Lu
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Science, St. Francis Xavier University, Antigonish, Canada

    Laurence T. Yang

  2. Services Computing Technology and System Lab Cluster and Grid Computing Lab School of Computer Science and Technology, Huazhong University of Science and Technology, 430074, Wuhan, China

    Hai Jin

  3. Hosei University, 184-8584, Tokyo, Japan

    Jianhua Ma

  4. Department of Computer Science, University of Augsburg, 86135, Augsburg, Germany

    Theo Ungerer

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Chai, Z., Cao, Z., Lu, R. (2006). Remote Authentication with Forward Security. In: Yang, L.T., Jin, H., Ma, J., Ungerer, T. (eds) Autonomic and Trusted Computing. ATC 2006. Lecture Notes in Computer Science, vol 4158. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11839569_40

Download citation

  • DOI: https://doi.org/10.1007/11839569_40

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-38619-3

  • Online ISBN: 978-3-540-38622-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation