Cryptology ePrint Archive: Report 2015/656
Cryptanalysis of a Markov Chain Based User Authentication Scheme
Ruhul Amin and G.P. Biswas
Abstract: Session key agreement protocol using smart card is extremely popular in client-server environment for secure communication. Remote user authentication protocol plays a crucial role in our daily life such as e-banking, bill-pay, online games, e-recharge, wireless sensor network, medical system, ubiquitous devices etc. Recently, Djellali et al. proposed a session key agreement protocol using smart card for ubiquitous devices. The main focus of this paper is to analyze security pitfalls of smart card and password based user authentication scheme. We have carefully reviewed Djellali et al.'s scheme and found that the same scheme suffers from several security weaknesses such as off-line password guessing attack, privileged insider attack. Moreover, we demonstrated that the Djellali et al.'s scheme does not provide proper security protection on the secret key of the server and presents inefficient password change phase.
Category / Keywords: cryptographic protocols / Security Attacks, Markov Chain, Authentication Protocol, Smart Card.
Date: received 1 Jul 2015
Contact author: amin_ruhul at live com
Available format(s): PDF | BibTeX Citation
Version: 20150702:075848 (All versions of this report)
Short URL: ia.cr/2015/656
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]