Paper 2016/023

Improved on an improved remote user authentication scheme with key agreement

Yalin Chen, Jue-Sam Chou, and I - Chiung Liao


Recently, Kumari et al. pointed out that Chang et al.’s scheme “Untraceable dynamic-identity-based remote user authentication scheme with verifiable password update” not only has several drawbacks, but also does not provide any session key agreement. Hence, they proposed an improved remote user authentication Scheme with key agreement on Chang et al.’s Scheme. After cryptanalysis, they confirm the security properties of the improved scheme. However, we determine that the scheme suffers from both anonymity breach and he smart card loss password guessing attack, which are in the ten basic requirements in a secure identity authentication using smart card, assisted by Liao et al. Therefore, we modify the method to include the desired security functionality, which is significantly important in a user authentication system using smart card.

Available format(s)
Publication info
Preprint. MINOR revision.
user authenticationkey agreementcryptanalysissmart cardpassword changeuntraceabledynamic identityanonymityremote user authentication
Contact author(s)
jschou @ mail nhu edu tw
2016-01-12: received
Short URL
Creative Commons Attribution


      author = {Yalin Chen and Jue-Sam Chou and I - Chiung Liao},
      title = {Improved on an improved remote user authentication scheme with key agreement},
      howpublished = {Cryptology ePrint Archive, Paper 2016/023},
      year = {2016},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.