Security Issues in Smart Card Authentication Scheme

Pippal, Ravi Singh; Jaidhar, C. D.; Tapaswi, Shashikala

doi:10.7763/ijcte.2012.v4.452

Cited by 7 publications

(4 citation statements)

References 35 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Authentication, non-repudiation, confidentiality, and integrity are the fundamental security properties that must be satisfied by any system. However, by studying Ko and Caytiles [3] and Pippal et al [4], it can be figured out that in addition to these four fundamental security properties, forward security, along with availability, must also be included in the implementation in order to secure the smart cards. The security attributes satisfied by smart card-based systems are briefly described below:…”

Section: Security Requirements For Smart Cardsmentioning

confidence: 99%

“…Ko and Caytiles wrote a review of the security of smart card-based systems and categorized the attacks on smart cards as side-channel attacks, logical attacks, physical attacks, and other attacks. Pippal et al [4] pointed out that impersonation attacks, session attacks, password-guessing attacks, and replay attacks can be launched on smart cards. Mahanta et al [6] have explored that besides other attacks, power analysis attacks are also a threat to smart cards.…”

mentioning

confidence: 99%

See 1 more Smart Citation

Elliptic Curve Signcryption-Based Mutual Authentication Protocol for Smart Cards

et al. 2020

View full text Add to dashboard Cite

In the modern computing environment, smart cards are being used extensively, which are intended to authenticate a user with the system or server. Owing to the constrictions of computational resources, smart card-based systems require an effective design and efficient security scheme. In this paper, a smart card authentication protocol based on the concept of elliptic curve signcryption has been proposed and developed, which provides security attributes, including confidentiality of messages, non-repudiation, the integrity of messages, mutual authentication, anonymity, availability, and forward security. Moreover, the analysis of security functionalities shows that the protocol developed and explained in this paper is secure from password guessing attacks, user and server impersonation, replay attacks, de-synchronization attacks, insider attacks, known key attacks, and man-in-the-middle attacks. The results have demonstrated that the proposed smart card security protocol reduces the computational overhead on a smart card by 33.3% and the communication cost of a smart card by 34.5%, in comparison to the existing efficient protocols. It can, thus, be inferred from the results that using elliptic curve signcryption in the authentication mechanism reduces the computational cost and communication overhead by a significant amount.

show abstract

Section: Security Requirements For Smart Cardsmentioning

confidence: 99%

mentioning

confidence: 99%

Elliptic Curve Signcryption-Based Mutual Authentication Protocol for Smart Cards

et al. 2020

View full text Add to dashboard Cite

show abstract

“…H o o n K o and C a y t i l e s [19] have given a review on smart card security in which they have divided the attacks on smart cards into four categorieslogical attacks, physical attacks, side channel attacks, and other attacks. P i p p a l, J a i d h a r and T a p a s w i [34] have mentioned that the password guessing attack, impersonation attack, session attack, replay attack, DoS attack, and attack on forward secrecy can be attempted on the authentication schemes of smart cards. M a h a n t a, A z a d and K h a n [35] have mentioned that power analysis attacks are also a threat for smart cards.…”

Section: Threats and Attacksmentioning

confidence: 99%

Security of Low Computing Power Devices: A Survey of Requirements, Challenges & Possible Solutions

Singh

Patro²

2019

Cybernetics and Information Technologies

View full text Add to dashboard Cite

Security has been a primary concern in almost all areas of computing and for the devices that are low on computing power it becomes more important. In this paper, a new class of computing device termed as Low Computing Power Device (LCPD) has been defined conceptually. The paper brings out common attributes, security requirements and security challenges of all kinds of low computing power devices in one place so that common security solutions for these can be designed and implemented rather than doing this for each individual device type. A survey of existing recent security solutions for different LCPDs hasve been presented here. This paper has also provided possible security solutions for LCPDs which include identification of countermeasures against different threats and attacks on these devices, and choosing appropriate cryptographic mechanism for implementing the countermeasures efficiently.

show abstract

“…Today, authentication based on smart card has been employed continuously in several applications like cloud computing [12], healthcare [13], key exchange in IPTV broadcasting [14], wireless networks [15], authentication in multi-server environment [16], wireless sensor networks [17] and many more. The security requirements and possible attacks related to password based smart card authentication scheme have been sorted out [18].…”

Section: Introductionmentioning

confidence: 99%

A novel smart card mutual authentication scheme for session transfer among registered devices

Pippal

Jaidhar

Tapaswi

2013

2013 3rd IEEE International Advance Computing Conference (IACC)

View full text Add to dashboard Cite

The goal of this paper is to design a mutual authentication scheme that supports secure data service migration among multiple registered devices (like PC, Laptop, Smartphone, etc.) so that each user can use the most suitable device whenever he/she feels. Authentication based on single factor depends on user's knowledge of some secret i.e. a password or a PIN. However, it is not secure enough. Two factor authentication is one which can be used as strong authentication scheme. This paper proposes mutual authentication scheme for session transfer among registered devices using smart card. Its security relies on the hardness of solving discrete logarithm problem and one way hash function. Random nonce is employed as a replacement for timestamp so as to avoid the cost of implementing clock synchronization between user and the server. Security analysis proves that this scheme is immune to the presented attacks and provides essential security features.

show abstract

Security Issues in Smart Card Authentication Scheme

Cited by 7 publications

References 35 publications

Elliptic Curve Signcryption-Based Mutual Authentication Protocol for Smart Cards

Elliptic Curve Signcryption-Based Mutual Authentication Protocol for Smart Cards

Security of Low Computing Power Devices: A Survey of Requirements, Challenges & Possible Solutions

A novel smart card mutual authentication scheme for session transfer among registered devices

Contact Info

Product

Resources

About