Paper 2016/023

Improved on an improved remote user authentication scheme with key agreement

Yalin Chen, Jue-Sam Chou, and I - Chiung Liao

Abstract

Recently, Kumari et al. pointed out that Chang et al.’s scheme “Untraceable dynamic-identity-based remote user authentication scheme with verifiable password update” not only has several drawbacks, but also does not provide any session key agreement. Hence, they proposed an improved remote user authentication Scheme with key agreement on Chang et al.’s Scheme. After cryptanalysis, they confirm the security properties of the improved scheme. However, we determine that the scheme suffers from both anonymity breach and he smart card loss password guessing attack, which are in the ten basic requirements in a secure identity authentication using smart card, assisted by Liao et al. Therefore, we modify the method to include the desired security functionality, which is significantly important in a user authentication system using smart card.

Metadata
Available format(s)
PDF
Publication info
Preprint. MINOR revision.
Keywords
user authenticationkey agreementcryptanalysissmart cardpassword changeuntraceabledynamic identityanonymityremote user authentication
Contact author(s)
jschou @ mail nhu edu tw
History
2016-01-12: received
Short URL
https://ia.cr/2016/023
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2016/023,
      author = {Yalin Chen and Jue-Sam Chou and I - Chiung Liao},
      title = {Improved on an improved remote user authentication scheme with key agreement},
      howpublished = {Cryptology ePrint Archive, Paper 2016/023},
      year = {2016},
      note = {\url{https://eprint.iacr.org/2016/023}},
      url = {https://eprint.iacr.org/2016/023}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.