원문정보
초록
영어
As computer networks become an essential part of our daily life, therefore, protecting the resources from unauthorized users come forward with more challenging and complicated task for the researchers. From the last few decades, many number of password-based authentication schemes have been adopted in multi-server environment to protect the resources from any adversary means. Recently, Li et al. has proposed a dynamic-id based remote user authentication scheme and claimed that their scheme can provide more security than existing schemes and is suitable for practical applications. But, in this paper, we have shown that their scheme is not too much secured as they have claimed and it can suffer from stolen smart card attack, user impersonate attack and lack of some important features of smart card as well. To overcome these security flaws, we have further proposed an improved anonymous authentication scheme.
목차
1. Introduction
2. Overview of Li et al.’s Scheme
2.1 User Registration Phase
2.2 User Login and Authentication phase
3. Flaws of Li et al.’s Scheme
3.1 Stolen Smart Card Attack
3.2 User Impersonates Attack
3.3 Revocation of User’s Lost or Stolen Smart Card
4. Proposed Scheme
4.1 Registration Phase
4.2 User Login Phase
4.3 Authentication Phase
4.4 Password Updating Phase
4.5 Revocation of User’s Lost or Stolen Smart Card
5. Security Analysis
6. Performance and Security Comparison
7. Conclusion
References