Abstract
In 2010, Martinez-Pelaez et al. proposed an remote user authentication scheme with session key agreement for multi-server environment. They claimed that their scheme is efficient and secure against known attacks. However, this work shows that Martinez-Pelaez et al.’s scheme is exposed to various attacks. In this paper, we describe that Martinez-Pelaez et al.’s scheme is vulnerable to masquerade attack, server spoofig attack, stolen smart card attack, and is not easily repairable.
This research was supported by the KCC(Korea Communications Commission), Korea, under the R&D program supervised by the KCA(Korea Communications Agency) (KCA-2012-12-912-06-003).
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Bellovin, S.M., Merritt, M.: Limitations of the Kerberos authentication system. ACM Computer Communication Review 20(5), 119–132 (1990)
Bird, R., Gopal, I., Herzberg, A., Janson, P.A., Kutten, S., Molva, R., Yung, M.: Systematic design of a family of attack-resistant authentication protocols. IEEE Journal on Selected Areas in Communications 11(5), 679–693 (1993)
Diffie, W., van Oorschot, P.C., Wiener, M.J.: Authentication and authenticated key exchange. Designs, Codes and Cryptography 2(2), 107–125 (1992)
Gong, L.: A security risk of depending on synchronized clocks. ACM SIGOPS Operating Systems Review 26(1), 49–53 (1992)
Liao, K.C., Lee, W.-H.: A Novel User Authentication Scheme Based on QR-Code. Journal of Networks 5, 937–941 (2010)
Wang, J.-S., Yang, F.-Y., Paik, I.: A Novel E-cash Payment Protocol Using Trapdoor Hash Function on Smart Mobile Devices. International Journal of Computer Science and Network Security 11(6), 12–19 (2011)
Schneier, B.: Two-Factor Authentication: Too Little, Too Late, in Inside Risks 178. Communications of the ACM 48(4) (2005)
Aloul, F., Zahidi, S., EI-Hajj, W.: Two Factor Authentication Using Mobile Phones. Computer Systems and Applications, 641–649 (2009)
Park, N., Kwak, J., Kim, S., Won, D., Kim, H.: WIPI Mobile Platform with Secure Service for Mobile RFID Network Environment. In: Shen, H.T., Li, J., Li, M., Ni, J., Wang, W. (eds.) APWeb Workshops 2006. LNCS, vol. 3842, pp. 741–748. Springer, Heidelberg (2006)
Park, N.: Security Scheme for Managing a Large Quantity of Individual Information in RFID Environment. In: Zhu, R., Zhang, Y., Liu, B., Liu, C. (eds.) ICICA 2010. CCIS, vol. 106, pp. 72–79. Springer, Heidelberg (2010)
Park, N.: Secure UHF/HF Dual-Band RFID: Strategic Framework Approaches and Application Solutions. In: Jędrzejowicz, P., Nguyen, N.T., Hoang, K. (eds.) ICCCI 2011, Part I. LNCS, vol. 6922, pp. 488–496. Springer, Heidelberg (2011)
Park, N.: Implementation of Terminal Middleware Platform for Mobile RFID computing. International Journal of Ad Hoc and Ubiquitous Computing 8(4), 205–219 (2011)
Park, N., Song, Y.: Secure RFID Application Data Management Using All-Or-Nothing Transform Encryption. In: Pandurangan, G., Anil Kumar, V.S., Ming, G., Liu, Y., Li, Y. (eds.) WASA 2010. LNCS, vol. 6221, pp. 245–252. Springer, Heidelberg (2010)
Park, N.: The Implementation of Open Embedded S/W Platform for Secure Mobile RFID Reader. The Journal of Korea Information and Communications Society 35(5), 785–793 (2010)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer Science+Business Media Dordrecht
About this paper
Cite this paper
Kim, M., Park, N., Won, D. (2012). Weaknesses of a Dynamic ID-Based Remote User Authentication Scheme with Session Key Agreement for Multi-server Environment. In: Park, J., Kim, J., Zou, D., Lee, Y. (eds) Information Technology Convergence, Secure and Trust Computing, and Data Management. Lecture Notes in Electrical Engineering, vol 180. Springer, Dordrecht. https://doi.org/10.1007/978-94-007-5083-8_29
Download citation
DOI: https://doi.org/10.1007/978-94-007-5083-8_29
Publisher Name: Springer, Dordrecht
Print ISBN: 978-94-007-5082-1
Online ISBN: 978-94-007-5083-8
eBook Packages: EngineeringEngineering (R0)