Abstract
Password-based authentication schemes have been widely adopted to protect resources from unauthorized access. In 2011, Awasthi et al. proposed an improved timestamp-based remote authentication scheme to remove the drawbacks of Shen et al.’s scheme. In this paper, we show that Awasthi et al.’s scheme is vulnerable to the user impersonation attack, the password guessing attack, the insider attack and does not provide mutual authentication. Also, we propose the enhanced scheme to overcome these security drawbacks, even if the secret information stored in the smart card is revealed. As a result of security analysis, the enhanced scheme is relatively more secure than the related scheme in terms of security.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Yang, W.H., Shieh, S.P.: Password Authentication with Smart Cards. Computers and Security 18(8), 727–733 (1999)
Chan, C.K., Cheng, L.M.: Cryptanalysis of Timestamp-based Password Authentication Scheme. Computers and Security 21(1), 74–76 (2002)
Fan, L., Li, L.H., Zhu, H.W.: An Enhancement of Timestamp-based Password Authentication Scheme. Computers and Security 21(7), 665–667 (2002)
Shen, J.J., Lin, C.W., Hwang, M.S.: Security Enhancement for the Timestamp-based Password Authentication Scheme Using Smart Cards. Computers and Security 22(7), 591–595 (2003)
Das, M.L., Sxena, A., Gulathi, V.P.: A Dynamic ID-based Remote User Authentication Scheme. IEEE Transactions on Consumer Electronics 50(2), 629–631 (2004)
Yoon, E.J., Ryu, E.K., Yoo, K.Y.: Attack on the Shen et al.’s Timestamp-based Password Authentication Scheme Using Smart Cards. IEICE Transactions on Fundamentals E88-A(1), 319–321 (2005)
Bindu, C.S., Reddy, P.C.S., Satyanarayana, B.: Improved Remote User Authentication Scheme Preserving User Anonymity. International Journal of Computer Science and Network Security 8(3), 62–66 (2008)
Liu, J.Y., Zhou, A.M., Gao, M.X.: A New Mutual Authentication Scheme based on Nonce and Smart Cards. Computer Communications 31, 2205–2209 (2008)
Awasthi, A.K., Srivastava, K., Mittal, R.C.: An Improved Timestamp-based Remote User Authentication Scheme. Computer and Electrical Engineering 37, 869–874 (2011)
Kocher, P., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)
Messerges, T.S., Dabbish, E.A., Sloan, R.H.: Examining Smart-Card Security under the Threat of Power Analysis Attacks. IEEE Transactions on Computers 51(5), 541–552 (2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
An, Y. (2012). Security Enhancements of an Improved Timestamp-Based Remote User Authentication Scheme. In: Kim, Th., et al. Computer Applications for Security, Control and System Engineering. Communications in Computer and Information Science, vol 339. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35264-5_8
Download citation
DOI: https://doi.org/10.1007/978-3-642-35264-5_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-35263-8
Online ISBN: 978-3-642-35264-5
eBook Packages: Computer ScienceComputer Science (R0)