Research on User Authentication Scheme against the Man-in-the-Middle Attack
It is provided that a security analysis on Liaw-Lin-Wu’s remote user authentication scheme. Our analysis shows the scheme is vulnerable to Man-in-the-middle attack. What’s more, there are obvious security vulnerabilities in it. An improved remote user authentication scheme based on Diffie-Hellman key exchange protocol is proposed. Analysis shows the scheme is secure not only to achieve mutual authentication, but also to generate a session key in the same time. It has overcome security deficiencies of Liaw-Lin-Wu’s scheme. It is efficient and practical.
KeywordsUser Authentication Smart Card Man-in-the-middle Attack
Unable to display preview. Download preview PDF.
- 7.Wu, S.T., Chieu, B.C.: A Note on A User Friendly Remote Authentication Scheme with Smart Cards. IEICE Trans. Fund. E87-A(8), 2180–2181 (2004)Google Scholar
- 8.Lee, C.C., Lin, C.H., Chang, C.C.: An Improved Low Computation Cost User Authentication Scheme for Mobile Communication. In: Proc. 19th Advanced Information Networking and Applications (IEEE AINA 2005), vol. 2, pp. 249–252 (2005)Google Scholar
- 11.Chae, K.S.C., Kim, D.H., Choi, J.D.C., Jung, S.W.: Security Analysis and Improvement of Authtication Scheme Based on a One-way Hash Function and Diffie-Hellman Key Exchange Using Smart Card. Journal of Measurement Science and Instrumentation 1(4), 360–363 (2010)Google Scholar