원문정보
초록
영어
In 2013, Li et al. proposed an improved smart card-based remote user password authentication scheme, and claimed that their scheme not only overcomes security weaknesses of the Chen et al.’s scheme but also is a more user friendly scheme compared with other schemes. In this paper, we analyze the security of Li et al.’s authentication scheme and we show that Li et al.’s authentication scheme is still insecure against the various attacks, such as the off-line password guessing attack, the forgery attack, and the session key generation attack etc. Also, we propose an improved scheme that can resist these security drawbacks of Li et al.’s authentication, even if the secret information stored in the smart card is revealed. As a result of security analysis, the improved scheme is relatively more secure against several attacks than other related schemes in terms of the security.
목차
1. Introduction
2. Reviews of Li et al.’ Scheme
2.1 Registration Phase
2.2 Login Phase
2.3 Authentication Phase
3. Attacks against of Li et al.’ Scheme
3.1 Password Guessing Attack
3.2 Forgery Attack
3.3 Session Key Gneration Attack
4. The Improved Scheme
4.1 Registration Phase
4.2 Login Phase
4.3 Authentication Phase
5. Security Analysis of the Improved Scheme
5.1 Password Guessing Attack
5.2 Forgery Attack
5.3 Replay Attack
5.4 Session Key Generation Attack
5.5 Security Comparisons of the Improved Scheme and Other Related Scheme
6. Conclusions
Acknowledgement
References