Mridul Kumar Gupta scite author profile

In 2003, Shen et al. proposed a timestamp‐based password authentication scheme by using smart card. Later, in 2005 and 2008, this scheme was found susceptible to forged login attacks by some researchers, and improved schemes were proposed. In 2011, Awasthi et al. pointed out an additional security threat on the scheme of Shen et al. and also suggested remedy by proposing an enhanced scheme. In this paper, we analyze the additional attack identified by Awasthi et al. on the scheme of Shen et al. show its flaws and rectify it. Further, we find that the scheme of Awasthi et al. still fails to withstand forged login attack, smart card loss attack, offline password guessing attack, and so on, and also inherits some weaknesses from the original scheme. Therefore, we propose an improved version of the scheme of Awasthi et al. Our improved scheme not only resists the attacks that we depict on the scheme of Awasthi et al. but is also free from the attacks pointed out so far on the scheme of Shen et al. Copyright © 2013 John Wiley & Sons, Ltd.

show abstract

Cryptanalysis and security enhancement of Chen et al.’s remote user authentication scheme using smart card

Kumari¹,

Gupta

Kumar³

2012

View full text Add to dashboard Cite

Recently (2011) Chen et al. found that Wang et al.’s scheme (2007) is vulnerable to impersonation attacks and parallel session attacks; and then proposed a security enhancement of Wang et al.’s scheme. Chen et al. claimed to inherit the merits and eradicate the flaws of the original scheme through their improved scheme. Unfortunately, we found that Chen et al.’s scheme inherits some flaws of the original scheme, like the known-key attack, smart card loss attack and its serious consequences. In addition, Chen et al.’s scheme is not easily reparable and is unable to provide forward secrecy. Thus Chen et al.’s scheme still has scope for security enhancement. Finally, we propose an improved scheme with better security strength. Moreover, we analyze the performance of our scheme and prove that ours is suitable for applications with high security requirements.

show abstract

Cryptanalysis of Enhancements of a Password Authentication Scheme over Insecure Networks

Kumar

Gupta

Kumari

2011

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.