Skip to Main Content
In 2000, Hwang and Li proposed a remote user authentication scheme using smart cards to solve the problems of Lamport scheme. Later, Chan- Chang, Shen-Lin-Hwang and then Chang-Hwang pointed out some attacks on Hwang-Li's scheme. In 2003, Awasthi and Lal introduced a new type of attack on Hwang-Li's scheme and also proposed a new scheme with forward secrecy. This paper analyses that Awasthi-Lal's paper suffers with some practical pitfalls. In this paper, the security pitfalls of Awasthi and Lal's scheme are also analyzed.