CFP last date
22 April 2024
Reseach Article

An Enhanced Secure Remote User Authentication Scheme without Verification Table

by Sumitra Binu, Pethuru Raj, M. Misbahuddin
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 114 - Number 10
Year of Publication: 2015
Authors: Sumitra Binu, Pethuru Raj, M. Misbahuddin
10.5120/20011-1970

Sumitra Binu, Pethuru Raj, M. Misbahuddin . An Enhanced Secure Remote User Authentication Scheme without Verification Table. International Journal of Computer Applications. 114, 10 ( March 2015), 1-5. DOI=10.5120/20011-1970

@article{ 10.5120/20011-1970,
author = { Sumitra Binu, Pethuru Raj, M. Misbahuddin },
title = { An Enhanced Secure Remote User Authentication Scheme without Verification Table },
journal = { International Journal of Computer Applications },
issue_date = { March 2015 },
volume = { 114 },
number = { 10 },
month = { March },
year = { 2015 },
issn = { 0975-8887 },
pages = { 1-5 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume114/number10/20011-1970/ },
doi = { 10.5120/20011-1970 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T22:52:18.464325+05:30
%A Sumitra Binu
%A Pethuru Raj
%A M. Misbahuddin
%T An Enhanced Secure Remote User Authentication Scheme without Verification Table
%J International Journal of Computer Applications
%@ 0975-8887
%V 114
%N 10
%P 1-5
%D 2015
%I Foundation of Computer Science (FCS), NY, USA
Abstract

With the significant advances in communication networks over the last few decades, smart cards have been widely used in many e-commerce applications and network security protocols due to their low cost, portability, efficiency and cryptographic properties. In this paper, we analyze Sood et al. 's smart card based authentication scheme and demonstrate that the scheme is vulnerable to masquerade user attack, offline password guessing attack, time concurrency weaknesses and fails to achieve mutual authentication. A secure dynamic identity based remote user authentication scheme without verification tables, is proposed in this paper and the scheme resolves the aforementioned problems of Sood et al. 's scheme. The computation cost of the proposed scheme is comparable to Sood et al. 's scheme and it is highly secure taking into consideration the complexity of calculating discrete logarithms and the resistance to various attacks.

References
  1. W. C. Ku, S. M. Chen, "Weakness and Improvement of an Efficient Password Based Remote User Authentication Scheme Using Smart Cards," IEEE Transactions on Consumer Electronics 50(1), 204-207 (2004)
  2. Y. C. Chen, L. Y. Yeh, " An Efficient Nonce-Based Authentication Scheme with Key Agreement," Applied Mathematics and Computation 169(2), 982-994 (2005)
  3. W. G. Shieh, J. M. Wang, "Efficient Remote Mutual Authentication and Key Agreement," Computers and Security 25(1), 72-77 (2006)
  4. H. C Hsiang, W. K. Shih,"Weakness and Improvement of Yoon-Ryu-Yoo Remote User Authentication Scheme Using Smart Cards," Computer Communications 32(4), 649-652 (2009)
  5. M. Kumar, "A New Secure Remote User Authentication Scheme with Smart Cards", International Journal of Network Security 11, 88-93 (2010)
  6. S. K. Sood, A. K Sarje, K. Singh, "A Secure Dynamic Identity-Based Remote User Authentication Scheme," In:T. Janowski, H. Mohanty. (eds) ICDCIT 2010. LNCS, vol. 5966, pp. 224-235, Springer, Heidelberg (2010)]
  7. M. Misbahuddin, A. A. Mohammed, M. H. Shastri, "A Simple and Efficient Solution to Remote User Authentication using Smart Cards," In Proceeding of International Conference on Innovations in Information Technology (IIT '06), Dubai,Nov. 2006, pp. 1-5.
  8. L. Lamport, "Password Authentication with Insecure Communication," Communications of the ACM, vol. 24. no. 11, pp. 770-772, November 1981
  9. M. L. Das, A. Saxena and V. P. Gulati," A Dynamic ID-Based Remote User Authentication Scheme, " IEEE Transactions on Consumer Electronics, vol. 50, no. 2, pp. 629-631, May 2004
  10. T. Goriparthi, M. L. Das, A. Saxena, "An Improved Bilinear Pairing Based Remote User Authentication Scheme," Computer Standards and Interfaces 2009, 31 : (181-185)
  11. Y. P. Liao, S. S. Wang, "A Secure Dynamic ID Based Remote User Authentication Scheme for Multi Server Environment," Computer Standards and Interfaces 2009, 31(1): 24-29
  12. Y. Y. Wang, J. Y. Liu, F. X. Xiao, J. Dan, "A More Efficient and Secure Dynamic ID Based Remote User Authentication Scheme," Computer Communications, 2009, 32(2): 583-585
  13. H. Y Chien and C. H. Chen, "A Remote Authentication Scheme Preserving User Anonymity," In Proceedings of Advanced Information Networking and Applications, vol. 2, pp. 245-248, March 2005
  14. I. E. Liao, C. C. Lee and M. S. Hwang, "Security Enhancement for a Dynamic ID-Based Remote User Authentication Scheme," In Proceeding of Conference on Next Generation on Web Services Practice, pp. 437-440, July 2005
  15. E. J. Yoon and K. Y. Yoo, " Improving the Dynamic ID-Based Remote Mutual Authentication Scheme," In Proceedings of OTM Workshops 2006, LNCS 4277, pp. 499-507, July 2006
  16. Y. P Liou, J. Lin and S. S. Wang, " A New Dynamic ID-Based Remote User Authentication Scheme Using Smart Cards," In Proceedings of 16th Information Security Conference, Taiwan, pp. 198-205, July 2006
  17. H. C. Shih, "Cryptanalysis on Two Password Authentication Schemes," Laboratory of Cryptography and Information Security, National Central University, Taiwan, July 2008
  18. H. C. Hsiang and W. K. Shih, "Improvement of the Secure Dynamic ID Based Remote User Authentication Scheme for Multi-Server Environment", Computer Standards & Interfaces, vol. 31, (2009), pp. 1118-1123
  19. S. K. Sood. A. K. Sarje and K. Singh, "An Improvement of Liou et al. 's Authentication Scheme Using Smart Cards," International Journal of Computer Applications, vol. 1, no. 8, (2010), pp. 16-23
  20. W. C. Ku and S. T. Chang, "Impersonation Attack on Dynamic ID-Based Remote User Authentication Scheme using Smart Cards," IEICE Transactions on Communications, vol. E88-B, No. 5, pp. 2165-2167, May 2005
  21. C. S. Kwang and G. C. Jung, "An Improvement of Sood et al. 's Authentication Scheme using Smart Card", International Journal of Security and Its Applications, vol. 7, No. 3, May, 2013
Index Terms

Computer Science
Information Sciences

Keywords

Remote User Authentication Smart Cards No Verification Table Cyclic groups Discrete Logarithm