An Efficient and Practical Solution to Remote Authentication: Smart Card

Chien, Hung‐Yu; Jan, Jinn‐Ke; Tseng, Yuh‐Min

doi:10.1016/s0167-4048(02)00415-7

Cited by 393 publications

(187 citation statements)

References 18 publications

Supporting

Mentioning

174

Contrasting

Order By: Relevance

“…1) Calculates C 8 = H(C 2 || N s || B s ) 2) Checks whether C 8 = C 7 . If the values are equal, the server authenticates the user and mutual authentication is achieved.…”

Section: Discussionmentioning

confidence: 99%

See 1 more Smart Citation

Cryptanalysis and Improvement of a Two-Factor User Authentication Scheme Providing Mutual Authentication and Key Agreement over Insecure Channels

Kalsoom¹,

Ziauddin²

2013

IJMLC

View full text Add to dashboard Cite

show abstract

“…1) Calculates C 8 = H(C 2 || N s || B s ) 2) Checks whether C 8 = C 7 . If the values are equal, the server authenticates the user and mutual authentication is achieved.…”

Section: Discussionmentioning

confidence: 99%

“…In addition, change of password is also allowed in their scheme. One way hash functions were used by Chien [7] in their remote mutual authentication scheme. Unfortunately, their scheme is susceptible to insider attack as shown by Chen [8].…”

Section: Related Workmentioning

confidence: 99%

Cryptanalysis and Improvement of a Two-Factor User Authentication Scheme Providing Mutual Authentication and Key Agreement over Insecure Channels

Kalsoom¹,

Ziauddin²

2013

IJMLC

View full text Add to dashboard Cite

show abstract

“…The ability to provide security guarantees is of paramount importance and several initiatives have been proposed to address this concern. Due to the low computation cost and portability of smartcard and easy memorization of user chosen password, two-factor smartcard authentication [2][3][4][5][6][7][8][9][10][11][12][13][14][15][16][17][18][19][20][21] using password is commonly used in Internet-based applications such as remote user/server login, online banking, Pay-TV, electronic voting, secret online order placement.…”

Section: Introductionmentioning

confidence: 99%

“…For example in 2002, Chien et al [2] proposed one such scheme, but was subsequently found to be vulnerable to reflection and insider attacks [3]. To remove these drawbacks, Ku and Chen [3] designed another improved scheme, but Wang et al [4] demonstrated that the scheme is insecure against off-line password guessing attack, forgery attack and denial of service (DoS) attack, and proposed another improved scheme.…”

Section: Introductionmentioning

confidence: 99%

“…To remove these drawbacks, Ku and Chen [3] designed another improved scheme, but Wang et al [4] demonstrated that the scheme is insecure against off-line password guessing attack, forgery attack and denial of service (DoS) attack, and proposed another improved scheme. However, Chung et al [5] revealed that Wang et al's scheme [2] is still susceptible to impersonation attack and off-line password guessing attack. In addition, Wang et al's scheme is not easily repairable and is unable to provide perfect forward secrecy of the generated session key.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Cryptanalysis of an Improved Smartcard-based Remote Password Authentication Scheme

Islam¹,

Biswas²,

Choo³

2014

Inf. Sci. Lett.

View full text Add to dashboard Cite

Abstract:In recent years, several dynamic identity-based two-factor user authentication using password and smartcard have been proposed to provide mutual authentication between the user and server over unreliable networks. However, the design of secure cryptographic schemes is still notoriously hard, and there have been several instances of detected flaws in published schemes. For example in 2010, Hao and Yu demonstrated that Wang et al.'s user authentication scheme is insecure against off-line password guessing and server masquerade attacks, and proposed an improved scheme. Subsequently in 2012, Chao pointed out that the improved scheme of Hao and Yu is, unfortunately, susceptible to off-line password guessing and server masquerade attacks, and prone to password backward security problem; and proposed an enhanced scheme. In this paper, we demonstrated that Chao's enhanced scheme is not secure against user masquerade attack, server masquerade attack, insider attack and off-line password guessing attack in violation of its security claim as well as it fails to achieve users' anonymity.

show abstract

A taxonomy of various attacks on smart card–based applications and countermeasures

Gupta

Quamara

2018

Concurrency and Computation

View full text Add to dashboard Cite

Deployment of smart card-based applications is becoming prevalent these days. Security of these applications depends upon the nature of underlying hardware and software platforms, cryptographic algorithms, along with a number of other security mechanisms. To develop a secure smart card-based application, preliminary evaluation of the security of embedded software as well as how that software will work in real time is required. Over the past few years, significant improvements have been made in smart card technology for its large-scale acceptance. However, attackers are in continuous search for exploiting the unknown issues related to this technology. This survey discusses smart card technology in detail and provides a comprehensive taxonomy of security attacks on smart card-based applications and their countermeasures. In addition, it covers some of the open source tools available for its development. Finally, it provides a brief outline of some of the major open challenges and future research directions that are yet to be explored.

show abstract

An Efficient and Practical Solution to Remote Authentication: Smart Card

Cited by 393 publications

References 18 publications

Cryptanalysis and Improvement of a Two-Factor User Authentication Scheme Providing Mutual Authentication and Key Agreement over Insecure Channels

Cryptanalysis and Improvement of a Two-Factor User Authentication Scheme Providing Mutual Authentication and Key Agreement over Insecure Channels

Cryptanalysis of an Improved Smartcard-based Remote Password Authentication Scheme

A taxonomy of various attacks on smart card–based applications and countermeasures

Contact Info

Product

Resources

About