Some Forgery Attacks on a Remote User Authentication Scheme Using Smart Cards

Chang, Chin‐Chen; Hwang, Kuo-Feng

doi:10.15388/informatica.2003.022

Cited by 73 publications

(17 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…• Reducing computation cost: In the login and authentication phases, the proposed schemes need one modular exponential operation (similarly to the Wu-Chieu's scheme), while five operations are required in the scheme proposed by Hwang and Li. 16 The methods proposed by Chien, Jan, and Tseng, 17 Hwang, Lee, and Tang, 18 and Sun 19 do not require modular exponential operations other than one-way hash functions. The computation cost for a secure one-way hash function is not yet addressed clearly; however, it is widely believed that one-way functions exist 20 and its computation cost is lower than that of a modular exponential operation.…”

Section: Discussion and Security Analysismentioning

confidence: 99%

“…Hwang and Li have proposed a remote user authentication scheme using smart cards. 5 The main advantage is that a password table is not required to verify a user's legitimacy. Unfortunately, several security flaws have been identified in their method.…”

Section: Introductionmentioning

confidence: 99%

“…Unfortunately, several security flaws have been identified in their method. 6,7,8,9 Inspired by the scheme proposed by Hwang and Li, Sun 10 has presented an efficient scheme with two main advantages: (1) low communication and computation costs and (2) no password table required. Unfortunately, the user password is computed by the server and is too lengthy to be memorized easily.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Secure User-Friendly Remote Authentication Schemes

Chen¹,

Tsai²,

Horng³

2006

ISIJ

View full text Add to dashboard Cite

Recently, Hwang and Li proposed a remote user authentication scheme that does not require a password table to verify the legitimacy of a legal user. 1 This method uses smart cards. To benefit from this advantage, other research works have explored adding such features as reducing the computational cost, adopting userfriendly passwords, making it easier to change user passwords, etc. However, as cryptanalysis has evolved, a series of modifications that improve the known security flaws have been made subsequently. This article deals with a security problem found in a latest modification and improves it in order to construct a more secure function. The article also highlights a feature, mutual authentication between a server and users, found in many authentication protocols but seldom found in the considered series of modifications.

show abstract

Section: Discussion and Security Analysismentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Secure User-Friendly Remote Authentication Schemes

Chen¹,

Tsai²,

Horng³

2006

ISIJ

View full text Add to dashboard Cite

show abstract

“…In 2000, Hwang et al [5] proposed a remote user authentication scheme using smart cards based on ElGamal's public key cryptosystem [6]. But there exist some security flaws in Hwang et al's scheme [7][8][9]. Up to now, many remote user authentication schemes based on smart cards [10][11][12][13][14][15]32,33] were proposed to improve the security.…”

Section: Introductionmentioning

confidence: 99%

Applying biometrics to design three‐factor remote user authentication scheme with key agreement

Niu

Wang

Chen³

2013

Security Comm Networks

View full text Add to dashboard Cite

There are some biometrics‐based three‐factor remote user authentication schemes proposed by researchers for ensure high security features for network‐based application systems. Recently, Das pointed out the security flaws of Li and Hwang's three‐factor remote user authentication scheme, and proposed an enhanced biometrics‐based three‐factor remote user authentication scheme. Das's scheme overcomes the defects of Li and Hwang's scheme, and maintains the advantages of Li and Hwang's scheme at the same time. However, after detailed analysis, we find that Das's scheme remains vulnerable to forgery attack and stolen smart card attack; at the same time, Das's scheme cannot provide the session key agreement after the mutual authentication. To provide more security features, we design a three‐factor remote user authentication scheme with key agreement using biometrics. Copyright © 2013 John Wiley & Sons, Ltd.

show abstract

“…However, in such schemes, a verification table should be maintained on the remote server in order to validate the legitimacy of the requesting users; if intruders break into the server, they can modify the verification table. Therefore, many password authentication schemes [3][4][5][6][7] have recognized this problem, and different solutions have been proposed to avoid verification tables.…”

Section: Introductionmentioning

confidence: 99%

Video-Object Oriented Biometrics Hiding for User Authentication under Error-Prone Transmissions

Ntalianis

Tsapatsoulis

Drigas

2011

EURASIP Journal on Information Security

View full text Add to dashboard Cite

An automatic video-object oriented steganographic system is proposed for biometrics authentication over error-prone networks. Initially, the host video object is automatically extracted through analysis of videoconference sequences. Next, the biometric pattern corresponding to the segmented video object is encrypted by a chaotic cipher module. Afterwards, the encrypted biometric signal is inserted to the most significant wavelet coefficients of the video object, using its qualified significant wavelet trees (QSWTs). QSWTs provide both invisibility and significant resistance against lossy transmission and compression, conditions that are typical in error prone networks. Finally, the inverse discrete wavelet transform (IDWT) is applied to provide the stego-object. Experimental results under various losses and JPEG compression ratios indicate the security, robustness, and efficiency of the proposed biometrics hiding system.

show abstract

Some Forgery Attacks on a Remote User Authentication Scheme Using Smart Cards

Cited by 73 publications

References 5 publications

Secure User-Friendly Remote Authentication Schemes

Secure User-Friendly Remote Authentication Schemes

Applying biometrics to design three‐factor remote user authentication scheme with key agreement

Video-Object Oriented Biometrics Hiding for User Authentication under Error-Prone Transmissions

Contact Info

Product

Resources

About