p.164
p.169
p.174
p.179
p.184
p.189
p.194
p.199
p.204
Security Weaknesses and Improvements of a Remote User Authentication Scheme Preserving User Anonymity
Abstract:
In 2008, Bindu et al. proposed an improvement to Chien et al.'s remote password authentication scheme preserving user anonymity, and has asserted that the scheme is secure against replay attack, guessing attack, insider attack and man-in-the-middle attack, etc. However, in this paper, we have shown that Bindu et al.'s scheme is still insecure against man-in-the-middle attack and password guessing attack, and does not provide user anonymity. Also, we propose an improved scheme to withstand these weaknesses, while preserving their merits, even if the secret information stored in the smart card is revealed. As a result of analysis, the proposed scheme is secure against user impersonation attack, server masquerading attack, password guessing attack and does provide user anonymity. And we can see that the proposed scheme is relatively more effective than Bindu et al.'s scheme.
Info:
Periodical:
Pages:
184-188
Citation:
Online since:
December 2011
Authors:
Price:
Permissions: