A user friendly remote authentication scheme with smart cards

Wu, Shyi-Tsong; Chieu, Bin-Chang

doi:10.1016/s0167-4048(03)00616-3

Cited by 82 publications

(58 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…U i randomly chooses his password PW i and sends the pair (ID i , h(PW i )) to the server. Almost all existing user authentication schemes [3,7,[10][11][12][13]15,[17][18][19][20]22] presume the existence of a secure channel in the registration phase. This usually means the private registration data are submitted in person or through an existing secure channel.…”

Section: Registration Phasementioning

confidence: 99%

“…Furthermore, the user also needs to compute the session key as Equation (20). The session key computation mentioned above does not appear in Pathan et al's schemes [17,18] because their schemes did not provide key agreement.…”

Section: Authentication Phasementioning

confidence: 99%

“…On receiving the login request, the server first checks the validity of the identity and computes a one-way hash value of the received password, and then checks the computed value against the server's verification table. Since this approach clearly incurs the risk of tampering and the cost of managing the table, several schemes [2,4,5,9,12,14,15,[17][18][19][20][21][22] have been proposed that do not depend on a verification table.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

A bilateral remote user authentication scheme that preserves user anonymity

Tseng

Jan

Yang

2008

Security Comm Networks

View full text Add to dashboard Cite

SummarySmart card-based authentication is one of the most widely used and practical solutions to remote user authentication. Compared to other authentication schemes, our proposed scheme aims to provide more functionalities and to resist well-known attacks. These crucial merits include (1) a user can freely choose and change his passwords; (2) our scheme provides mutual authentication between a server and a user; (3) it achieves user anonymity; (4) a server and a user can generate authenticated sessions keys. Moreover, our scheme can resist replay attacks, forgery attacks, insider attacks, reflection attacks, and parallel session attacks.

show abstract

Section: Registration Phasementioning

confidence: 99%

Section: Authentication Phasementioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

A bilateral remote user authentication scheme that preserves user anonymity

Tseng

Jan

Yang

2008

Security Comm Networks

View full text Add to dashboard Cite

show abstract

“…Many elegant schemes in this area were proposed to address various security and efficiency aspects such as replay attack [2]- [5], parallel session attack [6], mutual authentication [2], [6], [7], necessity of a verification table [2], [7], [8], [10], user impersonation [9]- [12], ID-theft [12]- [14], and communication and computation overhead [2], [4], [7], [10]. However, the preservation of user privacy has been much less investigated with respect to password-based authentication.…”

Section: Introductionmentioning

confidence: 99%

Privacy-Preserving Authentication of Users with Smart Cards Using One-Time Credentials

Park

2010

IEICE Trans. Inf. & Syst.

View full text Add to dashboard Cite

Jun-Cheol PARK †a) , Member SUMMARY User privacy preservation is critical to prevent many sophisticated attacks that are based on the user's server access patterns and ID-related information. We propose a password-based user authentication scheme that provides strong privacy protection using one-time credentials. It eliminates the possibility of tracing a user's authentication history and hides the user's ID and password even from servers. In addition, it is resistant against user impersonation even if both a server's verification database and a user's smart card storage are disclosed. We also provide a revocation scheme for a user to promptly invalidate the user's credentials on a server when the user's smart card is compromised. The schemes use lightweight operations only such as computing hashes and bitwise XORs.

show abstract

“…But in most of these schemes, only the user is authenticated. 26,27,28 Therefore, in this article the authors propose an efficient and secure authentication scheme. The proposed scheme not only provides mutual authentication between the remote server and the user but also increases the efficiency of authentication.…”

Section: Introductionmentioning

confidence: 99%

An Efficient and Secure Remote Authentication Scheme Using Smart Cards

Chang¹,

Lee²

2006

ISIJ

View full text Add to dashboard Cite

Security of data communication becomes a crucial challenge due to the rapid development of computer and information technologies. To ensure security of resource transmission, engineers have proposed numerous schemes for protection. Among them, the remote password authentication schemes using smart cards are regarded as very efficient. As a result, smart-card based authentication schemes has become a popular research topic in recent years. In 2000, Hwang and Li proposed a new remote authentication scheme using smart cards based on ElGamal's cryptosystem. Unfortunately, the scheme Hwang and Li propose suffers from some security flaws. In this article, the authors propose a practical and secure version providing mutual authentication, increasing the authentication efficiency, and allowing the user to choose and change his/ her password at will.

show abstract

A user friendly remote authentication scheme with smart cards

Cited by 82 publications

References 6 publications

A bilateral remote user authentication scheme that preserves user anonymity

A bilateral remote user authentication scheme that preserves user anonymity

Privacy-Preserving Authentication of Users with Smart Cards Using One-Time Credentials

An Efficient and Secure Remote Authentication Scheme Using Smart Cards

Contact Info

Product

Resources

About