### Improved on an improved remote user authentication scheme with key agreement

Yalin Chen, Jue-Sam Chou, and I - Chiung Liao

##### Abstract

Recently, Kumari et al. pointed out that Chang et al.’s scheme “Untraceable dynamic-identity-based remote user authentication scheme with veri&#64257;able password update” not only has several drawbacks, but also does not provide any session key agreement. Hence, they proposed an improved remote user authentication Scheme with key agreement on Chang et al.’s Scheme. After cryptanalysis, they confirm the security properties of the improved scheme. However, we determine that the scheme suffers from both anonymity breach and he smart card loss password guessing attack, which are in the ten basic requirements in a secure identity authentication using smart card, assisted by Liao et al. Therefore, we modify the method to include the desired security functionality, which is significantly important in a user authentication system using smart card.

Available format(s)
Publication info
Preprint. MINOR revision.
Keywords
user authenticationkey agreementcryptanalysissmart cardpassword changeuntraceabledynamic identityanonymityremote user authentication
Contact author(s)
jschou @ mail nhu edu tw
History
Short URL
https://ia.cr/2016/023

CC BY

BibTeX

@misc{cryptoeprint:2016/023,
author = {Yalin Chen and Jue-Sam Chou and I - Chiung Liao},
title = {Improved on an improved remote user authentication scheme with key agreement},
howpublished = {Cryptology ePrint Archive, Paper 2016/023},
year = {2016},
note = {\url{https://eprint.iacr.org/2016/023}},
url = {https://eprint.iacr.org/2016/023}
}

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.