원문정보
초록
영어
Remote user authentication scheme is a kind of way to authenticate the communication parties who transmit messages through an insecure channel. Researchers in this area have proposed some approaches during the last couple of decades. Unfortunately, most of them are proved to be insecure against various attacks. In 2009, Kim and Chung improved Yoon and Yoo’s scheme, and claimed that their scheme can prevent masquerading attack as well as resist to other malicious attacks. However, we found that Kim and Chung’s scheme is still not secure enough, especially in preventing off-line password guessing attack. In this study, we proposed a more secure and practical remote user authentication scheme to resolve all of the aforementioned security vulnerabilities while preserving the merits of Kim-Chung’s scheme.
목차
1. Introduction
2. A Review of Kim-Chung’s Scheme
2.1 Registration Phase
2.2 Login Phase
2.2 Login Phase
2.4 Password Change Phase
3. Security Analysis of Kim-Chung’s Scheme
3.1 Off-line Password Guessing Attack through Password Change Phase [6]
3.2 Off-line Password Guessing Attack
4. Proposed Scheme
4.1 Registration Phase
4.2 Login Phase
4.3 Authentication Phase
4.4 Password change phase
5. Security Analysis
5.1 Masquerading User Attack
5.2 Masquerading Server Attack
5.3 Off-line Password Guessing Attack
5.4 Server’s Secret Key Guessing Attack
5.5 Replay Attack
5.5 Replay Attack
5.7 Secure Password Change
5.8 Smart Card Lost Attack
6. Comparison with Other Related Schemes
7. Conclusion
Acknowledgements
References