원문정보
초록
영어
Password-based authentication scheme is one of the efficient authentication mechanics to protect resources from unauthorized access. Chang-Lee, in 2008, proposed a password-based mutual authentication scheme to overcome the security drawbacks of Wu-Chieu’s scheme. In this paper, we have shown that Chang-Lee’s scheme is vulnerable to various attacks known by literatures. Also we proposed an improved scheme to overcome the security drawbacks of Chang-Lee’s scheme. As a result of analysis, the proposed scheme not only withstands the various attacks, such as the user impersonation attack, the server masquerading, the man-in-the-middle attack, the off-line password guessing, the insider attack, but also provides mutual authentication between the user and the server. At the same time, the proposed scheme is more efficient than the related schemes in terms of the computational complexities.
목차
1. Introduction
2. Reviews of Chang-Lee’s Scheme
2.1. Registration Phase
2.2. Login Phase
2.3. Authentication Phase
3. Security Weaknesses of Chang-Lee’s Scheme
3.1. User Impersonation Attack
3.2. Server Masquerading Attack
3.3. Password Guessing Attack
3.4. Insider Attack
3.5. Mutual Authentication
4. The Proposed Scheme
4.1. Registration Phase
4.2. Login Phase
4.3. Authentication Phase
5. Security Analysis and Performance Evaluations of the Proposed Scheme
5.1. Security Analysis
5.2. Performance Evaluations
6. Conclusions
References