Cryptanalysis of "an improved timestamp-based remote user authentication scheme"

With the popularity of Internet technology, remote user authentication is receiving more and more attention than before. Recently, Awasthi et al. analysed weakness of the timestamp-based authentication scheme proposed by Shen et al. and proposed an improved scheme to prevent its forgery attacks. The...

Full description

Saved in:
Bibliographic Details
Main Authors: Kumari, S., Gupta, Mridul K., Khan, Muhammad Khurram, Bin Muhaya, Fahad T.
Format: Conference Proceeding
Language:English
Subjects:
Authentication
Computer crime
Computers
cryptanalysis
Cryptography
Educational institutions
smart card
smart card loss
Smart cards
timestamp
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:With the popularity of Internet technology, remote user authentication is receiving more and more attention than before. Recently, Awasthi et al. analysed weakness of the timestamp-based authentication scheme proposed by Shen et al. and proposed an improved scheme to prevent its forgery attacks. They claimed that their scheme is secure against forged login attack, provides forward secrecy, and has better performance than that of Shen et al.'s scheme without increasing any additional computations. In this paper, we show that the improved scheme proposed by Awasthi et al. is vulnerable to attacks like smart card loss attack, man-in-the-middle attack, ID-theft attack, etc. Further, we explain how their improved scheme inherits weakness from the original scheme and falls prey to some other attacks also.
DOI:10.1109/ICQR2MSE.2012.6246494