earticle

논문검색

Security Analysis and Improvements of a Password-Based Mutual Authentication Scheme with Session Key Agreement

원문정보

Younghwa An, Youngdo Joo

보안공학연구지원센터(IJSIA) International Journal of Security and Its Applications Vol.7 No.1 2013.01 pp.85-94
피인용수 : 0(자료제공 : 네이버학술정보)

초록

영어

Password-based authentication schemes have been widely adopted to protect resources from unauthorized access. In 2008, Chang-Lee proposed a friendly password-based mutual authentication scheme to avoid the security weaknesses of Wu-Chieu’s scheme. In this paper, we demonstrate that Chang-Lee’s scheme is vulnerable to user impersonation attack, server masquerading attack, password guessing attack, and insider attack. Also, we propose an improved scheme to overcome the security weaknesses of Chang-Lee’s scheme, even if secret information stored in the smart card is revealed. As a result of security analysis, we prove that the proposed scheme is secure for the various attacks and provides session key agreement.

목차

Abstract
 1. Introduction
 2. Reviews of Chang-Lee’s Scheme
  2.1. Registration Phase
  2.2. Login Phase
  2.3. Authentication Phase
 3. Security Weaknesses of Chang-Lee’s Scheme
  3.1. User Impersonation Attack
  3.2. Server Masquerading Attack
  3.3. Password Guessing Attack
  3.4. Insider Attack
  3.5. Mutual Authentication
 4. The Proposed Scheme
  4.1. Registration Phase
  4.2. Login phase
  4.3. Authentication Phase
 5. Security Analysis of the Proposed Scheme
  5.1. User Impersonation Attack
  5.2. Server Masquerading Attack
  5.3. Password Guessing Attack
  5.4. Insider Attack
  5.4. Insider Attack
  5.6. Session Key Agreement
 6. Conclusions
 References

키워드

저자정보

  • Younghwa An Division of Computer and Media Information Engineering, Kangnam University
  • Youngdo Joo Division of Computer and Media Information Engineering, Kangnam University

참고문헌

자료제공 : 네이버학술정보

    함께 이용한 논문

      ※ 원문제공기관과의 협약기간이 종료되어 열람이 제한될 수 있습니다.

      0개의 논문이 장바구니에 담겼습니다.