AUTHHOTP - HOTP Based Authentication Scheme over Home Network Environment
With the rapid growth of Internet users and wireless applications, interests on home networks have been enormously increased in recent years. For digital home networks, robust security services including remote user authentication have become essential requirements. In order to reduce implementation complexity and achieve computation efficiency, design issues for efficient and secure password based remote user authentication scheme have been extensively investigated b research community in these decades. Recently, Vaidya et al. proposes a robust one time password authentication scheme using smart card for home network environment. The authors claimed that their scheme delivers important security features and system functionalities, such as mutual authentication, no verification table, no time synchronization, resistance against password guessing attacks, smart card loss attacks, forward secrecy with lost smart card and forged user attacks, as well as computation efficiency. However, we first demonstrate two vulnerabilities on the scheme. Then, we propose an improved scheme to eliminate all identified security flaws in the scheme.
KeywordsSmart Card Authentication Scheme Home Network Replay Attack Forward Secrecy
Unable to display preview. Download preview PDF.
- 1.Weiser, M.: The computer for the twenty-first century. Scientific American, 94–100 (1991)Google Scholar
- 2.Kim, G.W., Lee, D.G., Han, J.W., Kim, S.C., Kim, S.W.: Security framework for home network: Authentication, authorization, and security policy. In: Washio, T., Zhou, Z.-H., Huang, J.Z., Hu, X., Li, J., Xie, C., He, J., Zou, D., Li, K.-C., Freire, M.M. (eds.) PAKDD 2007. LNCS (LNAI), vol. 4819, pp. 621–628. Springer, Heidelberg (2007)CrossRefGoogle Scholar
- 3.Ellision, C.M.: Interoperable home infrastructure home network security. Intel Technology Journal 6, 37–48 (2002)Google Scholar
- 6.Jiang, Z.J., Kim, S.O., Lee, K.H., Bae, H.C., Kim, S.W.: Security service framework for home network. In: Proceedings of the Fourth Annual ACIS International Conference on Computer and Information Science 2005, pp. 233–238 (2005)Google Scholar
- 8.Yeh, T.C., Shen, H.Y., Hwang, J.J.: “A secure one-time password authentication scheme using smart cards. IEICE Transactions on Communications E85-B(11), 2515–2518 (2002)Google Scholar
- 9.Tsuji, T., Shimizu, A.: One-time password authentication protocol against theft attacks. IEICE Transactions on Communications E87-B(3), 523–529 (2004)Google Scholar
- 13.Jeong, J., Chung, M.Y., Choo, H.: Integrated OTP-based user authentication scheme using smart cards in home networks. In: Proceedings of the 41st Annual Hawaii International Conference on System Sciences (2008)Google Scholar
- 15.Yoon, E.J., Yoo, K.Y.: More efficient and secure remote user authentication scheme with smart cards. In: Proceedings of 11th International Conference on Parallel and Distributed System, vol. 2, pp. 73–77 (2005)Google Scholar