Abstract
Many smart-card-based remote authentication schemes have been proposed recently. In 2004, Yoon et al. presented an improved scheme which is the leading of a research track started from Sun, 2000. In this paper, we illustrate that Yoon et al.’s scheme is vulnerable to the parallel session attack and propose an enhancement of the scheme to resist that attack. In our scheme the parties further establish a forward-secure session key by employing only hash functions to protect the subsequent communications. We also demonstrate that our scheme has better security in comparison to other related works, while it does not incur much computational cost
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Bellare M, Yee B (2003) Forward-security in private-key cryptography. Topics in Cryptology– CT-RSA, Lecture Notes in Computer Science 2612:1–18
Chien HY, Jan JK, Tseng YM (2002) An efficient and practical solution to remote authentication: smart card. Computers&Security 21(4):372–375
Clark J, Jacob J (1996) Attacking authentication protocols. High Integrity Systems 1(5):465–474
Diffie W, Hellman M (1976) New directions in cryptography. IEEE Transactions on Information Theory 22(6):644–654
Diffie W, Oorschot PCV, Wiener MJ (1992) Authentication and authenticated key exchanges. Designs, Codes and Cryptography 2(2):107–125
Hwang MS, Li LH (2000) A new remote user authentication scheme using smart cards. IEEE Transactions on Consumer Electronics 46(1):28–30
Hwang T, Ku WC (1995) Reparable key distribution protocols for Internet environments. IEEE Transactions on Communications 43(5):1947–1949
Juang WS (2004) Efficient password authenticated key agreement using smart cards. Computers&Security 23(2):167–173
Ku WC, Chen SM (2004) Weaknesses and improvements of an efficient password based remote user authentication scheme using smart cards. IEEE Transactions on Consumer Electronics 50(1):204–207
Lamport L (1981) Password authentication with insecure communication. Communications of the ACM 24(11):770–772
Liao IE, Lee CC, Hwang MS (2006) A password authentication scheme over insecure networks. Journal of Computer and System Sciences 72(4):727–740
Shieh WG, Wang JM (2006) Efficient remote mutual authentication and key agreement. Computers&Security 25(1):72–77
Stallings W (2005) Cryptography and network security. 4th ed. New Jersey, Prentice Hall
Sun HM (2000) An efficient remote use authentication scheme using smart cards. IEEE Transactions on Consumer Electronics 46(4):958–961
Yoon EJ, Ryu EK, Yoo KY (2004) Further improvement of an efficient password based remote user authentication scheme using smart cards. IEEE Transactions on Consumer Electronics 50(2):612–614
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2007 Springer
About this chapter
Cite this chapter
Asadpour, M., Sattarzadeh, B., Jalili, R. (2007). Enhanced Smart-Card-Based Authentication Scheme Providing Forward-Secure Key Agreement. In: Labiod, H., Badra, M. (eds) New Technologies, Mobility and Security. Springer, Dordrecht. https://doi.org/10.1007/978-1-4020-6270-4_37
Download citation
DOI: https://doi.org/10.1007/978-1-4020-6270-4_37
Publisher Name: Springer, Dordrecht
Print ISBN: 978-1-4020-6269-8
Online ISBN: 978-1-4020-6270-4
eBook Packages: EngineeringEngineering (R0)