Skip to main content
SpringerLink
Log in

Security Enhancements of an Improved Timestamp-Based Remote User Authentication Scheme

  • Conference paper
Computer Applications for Security, Control and System Engineering

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 339))

Abstract

Password-based authentication schemes have been widely adopted to protect resources from unauthorized access. In 2011, Awasthi et al. proposed an improved timestamp-based remote authentication scheme to remove the drawbacks of Shen et al.’s scheme. In this paper, we show that Awasthi et al.’s scheme is vulnerable to the user impersonation attack, the password guessing attack, the insider attack and does not provide mutual authentication. Also, we propose the enhanced scheme to overcome these security drawbacks, even if the secret information stored in the smart card is revealed. As a result of security analysis, the enhanced scheme is relatively more secure than the related scheme in terms of security.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Yang, W.H., Shieh, S.P.: Password Authentication with Smart Cards. Computers and Security 18(8), 727–733 (1999)

    Article  Google Scholar 

  2. Chan, C.K., Cheng, L.M.: Cryptanalysis of Timestamp-based Password Authentication Scheme. Computers and Security 21(1), 74–76 (2002)

    Article  Google Scholar 

  3. Fan, L., Li, L.H., Zhu, H.W.: An Enhancement of Timestamp-based Password Authentication Scheme. Computers and Security 21(7), 665–667 (2002)

    Article  Google Scholar 

  4. Shen, J.J., Lin, C.W., Hwang, M.S.: Security Enhancement for the Timestamp-based Password Authentication Scheme Using Smart Cards. Computers and Security 22(7), 591–595 (2003)

    Article  Google Scholar 

  5. Das, M.L., Sxena, A., Gulathi, V.P.: A Dynamic ID-based Remote User Authentication Scheme. IEEE Transactions on Consumer Electronics 50(2), 629–631 (2004)

    Article  Google Scholar 

  6. Yoon, E.J., Ryu, E.K., Yoo, K.Y.: Attack on the Shen et al.’s Timestamp-based Password Authentication Scheme Using Smart Cards. IEICE Transactions on Fundamentals E88-A(1), 319–321 (2005)

    Article  Google Scholar 

  7. Bindu, C.S., Reddy, P.C.S., Satyanarayana, B.: Improved Remote User Authentication Scheme Preserving User Anonymity. International Journal of Computer Science and Network Security 8(3), 62–66 (2008)

    Google Scholar 

  8. Liu, J.Y., Zhou, A.M., Gao, M.X.: A New Mutual Authentication Scheme based on Nonce and Smart Cards. Computer Communications 31, 2205–2209 (2008)

    Article  Google Scholar 

  9. Awasthi, A.K., Srivastava, K., Mittal, R.C.: An Improved Timestamp-based Remote User Authentication Scheme. Computer and Electrical Engineering 37, 869–874 (2011)

    Article  Google Scholar 

  10. Kocher, P., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  11. Messerges, T.S., Dabbish, E.A., Sloan, R.H.: Examining Smart-Card Security under the Threat of Power Analysis Attacks. IEEE Transactions on Computers 51(5), 541–552 (2002)

    Article  MathSciNet  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Division of Computer and Media Information Engineering, Kangnam Univ., 111, Gugal-dong, Giheung-ku, Yongin-si, Gyeonggi-do, 446-702, Korea

    Younghwa An

Authors
  1. Younghwa An
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. GVSA and University of Tasmania, 20 Virginia Court, Hobart, TAS, Australia

    Tai-hoon Kim

  2. Jet Propulsion Laboratory/Caltech, NASA, 4800 Oak Grove Drive, 91109, Pasadena, CA, USA

    Adrian Stoica

  3. National Chiao Tung University, Hsinchu, Taiwan, R.O.C.

    Wai-chi Fang

  4. University of Western Macedonia, Kozani, Greece

    Thanos Vasilakos

  5. Universidad Complutense de Madrid, 28040, Madrid, Spain

    Javier García Villalba

  6. Mississippi State University, Mississippi State, MS, USA

    Kirk P. Arnett

  7. King Saud University, Riyadh, Kingdom of Saudi Arabia

    Muhammad Khurram Khan

  8. School of Computing and Information System, University of Tasmania, Churchill Avenue, Sandy Bay, Hobart, TAS, Australia

    Byeong-Ho Kang

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

An, Y. (2012). Security Enhancements of an Improved Timestamp-Based Remote User Authentication Scheme. In: Kim, Th., et al. Computer Applications for Security, Control and System Engineering. Communications in Computer and Information Science, vol 339. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35264-5_8

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-35264-5_8

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-35263-8

  • Online ISBN: 978-3-642-35264-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation