Cryptanalysis of a flexible remote user authentication scheme using smart cards

In 2002, Lee, Hwang, and Yang proposed a verifier-free remote user authentication scheme using smart cards. Their scheme is efficient because of mainly using cryptographic hash functions. However, we find that Lee-Hwang-Yang's scheme is not reparable once the user's permanent secret is com...

Full description

Saved in:
Bibliographic Details
Published in:Operating systems review 2005, Vol.39 (1), p.90-96
Main Authors: KU, Wei-Chi, CHEN, Shuai-Min
Format: Article
Language:English
Subjects:
Applied sciences
Cryptography
Exact sciences and technology
Information, signal and communications theory
Signal and communications theory
Telecommunications and information theory
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:In 2002, Lee, Hwang, and Yang proposed a verifier-free remote user authentication scheme using smart cards. Their scheme is efficient because of mainly using cryptographic hash functions. However, we find that Lee-Hwang-Yang's scheme is not reparable once the user's permanent secret is compromised and is vulnerable to a privileged insider's attack. Furthermore, it lacks the user eviction mechanism. In this paper, we first show the weaknesses of Lee-Hwang-Yang's scheme, and then compare Lee-Hwang-Yang's scheme with three similar schemes.
ISSN:0163-5980
1943-586X
DOI:10.1145/1044552.1044562