On the Security of an Efficient and Secure Dynamic ID-Based Remote User Authentication Scheme

Abstract: SUMMARYIn 2009, Wang et al. proposed an efficient and secure dynamic ID-based remote user authentication scheme based on the one-way secure hash function. This letter demonstrates that Wang et al.'s scheme is still vulnerable to impersonation attacks.

“…Therefore, they advanced a new scheme to strengthen the password authentication and provide mutual authentication in 2009. But many researches [22][23][24][25] made it clear that the improved scheme was vulnerable .In 2009, Chang, et al, [22,23] demonstrated that the scheme proposed by Wang wasn't efficient and secure because the attacker can be verified by the server and select an identity at his will. Then they provided a new scheme based on a smart card to complete the mutual authentication without any verified Table and they claimed that the scheme could provide untraceability and convenience of password update.…”

An Improved Anonymous Remote user Authentication Scheme with Key Agreement based on Dynamic Identity

“…Therefore, they advanced a new scheme to strengthen the password authentication and provide mutual authentication in 2009. But many researches [22][23][24][25] made it clear that the improved scheme was vulnerable .In 2009, Chang, et al, [22,23] demonstrated that the scheme proposed by Wang wasn't efficient and secure because the attacker can be verified by the server and select an identity at his will. Then they provided a new scheme based on a smart card to complete the mutual authentication without any verified Table and they claimed that the scheme could provide untraceability and convenience of password update.…”

An Improved Anonymous Remote user Authentication Scheme with Key Agreement based on Dynamic Identity