JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE) ›› 2017, Vol. 52 ›› Issue (1): 37-42.doi: 10.6040/j.issn.1671-9352.2.2015.289

Previous Articles     Next Articles

A secure dynamic identity-based remote user authentication scheme

QU Juan1, LI Yan-ping2   

  1. 1. School of Mathematics and Statistics, Chongqing Three Gorges University, Wanzhou 404000, Chongqing, China;
    2. College of Mathematics and Information Science, Shaanxi Normal University, Xian 710062, Shaanxi, China
  • Received:2015-05-31 Online:2017-01-20 Published:2017-01-16

PDF (PC)

518

Abstract: A remote user authentication scheme with user anonymity based on a smart card were analyzed, it was found that the scheme was insecure to against offline password guessing attack, insider attack, user impersonation attack and server spoofing attack. In order to overcome these pitfalls, a dynamic identity remote user authentication scheme based on hash function and random number is proposed. The results show that the new scheme not only removes the aforementioned drawbacks, but also makes user free to update the password. So, the improved scheme is more suitable for practical application.

Key words: smart card, authentication, key agreement, dynamic identity

CLC Number: 

  • TP309
[1] LAMPORT L. Password authentication with insecure communication[J]. Communications of the ACM, 1981, 24(11):770-772.
[2] HWANG M S, LI L H. A new remote user authentication scheme using smart cards[J]. IEEE Transactions on Consumer Electronics, 2000, 46(1):28-30.
[3] LIN C H, LAI Y Y. A flexible biometrics remote user authentication scheme[J]. Computer Standards & Interfaces, 2004, 27(1):19-23.
[4] KHAN M K, ZHANG J. Improving the security of a flexible biometrics remote user authentication scheme[J]. Computer Standards & Interfaces, 2007, 29(1): 82-85.
[5] TSAI J L. Efficient multi-server authentication scheme based on one-way hash function without verification table[J]. Computers & Security, 2008, 27(3): 115-121.
[6] TSENG H R, JAN R H, YANG W. A bilateral remote user authentication scheme that preserves user anonymity[J]. Security and Communication Networks, 2008,1(4): 301-308.
[7] ZHU H F, HAO X, ZHANG Y F, et al. A biometrics-based multi-server key agreement scheme on chaotic maps cryptosystem[J]. Journal of Information Hiding and Multimedia Signal Processing, 2015, 6(2): 211-224.
[8] TSAI C S, LEE C C, HWANG M S. Password Authentication Schemes: current status and key issues[J]. Internatonal Journal of Network Security, 2006, 3(2): 101-115.
[9] DAS M L, SAXEAN A, GULATI V P. A dynamic ID-based remote user authentication scheme[J]. IEEE Transactions on Consumer Electronics, 2004, 50(2): 629-631.
[10] KU W C, CHANG S T. Impersonation attack on a dynamic ID-based remote user authentication scheme using smart cards[J]. IEICE Transactions on Communications, 2005, 88(5):2165-2167.
[11] WANG Y, LIU J, XIAO F, et al. A more efficient and secure dynamic ID-based remote user authentication scheme[J]. Computer Communications, 2009, 32(4): 583-585.
[12] LIAO C H, CHEN H C, WANG C T. An exquisite mutual authentication scheme with key agreement using smart card[J]. Informatica, 2009, 33(2): 117-124.
[13] SHIN S, KIM K, KIM K H, et al. A remote user authentication scheme with anonymity for mobile devices[J]. International Journal of Advanced Robotic Systems, 2012, 9(13): 1-7.
[14] LEE Y C. Weakness and Improvement of the Smart Card Based Remote User Authentication Scheme with Anonymity [J]. Journal of Information Science and Engineering, 2013, 29(6): 1121-1134.
[1] ZHU Zhi-qiang, MA Ke-xin, SUN Lei. A zero-knowledge proof based remote desktop authentication protocol [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2016, 51(9): 47-52.
[2] . A system of monitoring and protecting Android privacy leakage [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2016, 51(9): 59-67.
[3] WAN Zhi-ping. An authentication protocol based on hybrid Das protocol for wireless sensor networks [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2015, 50(05): 12-17.
[4] WANG Xu-yu, JING Feng-xuan, WANG Yu-qing. An improved hash-based RFID security authentication algorithm [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2014, 49(09): 154-159.
[5] NI Liang1,2,3, CHEN Gong-liang3, LI Jian-hua3. Security analysis of the eCK model [J]. J4, 2013, 48(7): 46-50.
[6] WANG Ding1,2, XUE Feng1, WANG Li-ping1, MA Chun-guang2. Improved password-based key agreement scheme with perfect forward secrecy [J]. J4, 2012, 47(9): 19-25.
[7] WANG Juan1,2, HE Qi1, YAN Fei1,2, JIANG Wan-wei1, YANG Ming1, WANG Yan1. A user-centric identity management and authentication system for mobile Internet [J]. J4, 2012, 47(11): 12-17.
[8] PAN Xiao-zhong1, 2, LUO Peng1, LIU Fang-ming1, LEI Yu1. Design of digital authentication camera based on FPGA [J]. J4, 2012, 47(11): 59-66.
[9] SHI Runhua, ZHONG Hong. A novel anonymous threshold secret sharing scheme [J]. J4, 2012, 47(11): 31-39.
[10] ZHENG Shi-hui,WANG Shao-hui and ZHANG Guo-yan . A dynamic secure and efficient group key agreement protocol [J]. J4, 2006, 41(2): 89-93 .
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
Copyright 2018 © Editorial office of JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE)
Supported by Beijing Magtech Co.Ltd