Skip to Main Content
Remote authentication is an important mechanism to control user access to remote systems and a password-based authentication is a preferable method. With advances in elliptic curve cryptography, Jia et al. (2006) proposed a remote user authentication scheme with a smart card. Their scheme utilized bilinear pairings and an elliptic curve El-Gamal encryption scheme to provide a secure authentication mechanism. However, we show that their scheme is vulnerable to our impersonation attack which any adversary can be authenticated successfully with probability 1 at no extra cost. We also suggest our provably secure improvement scheme which is verified to be more efficient from the point of computational complexity than the original scheme.