Skip to Main Content
Recently, Wu-Chieu proposed a user friendly remote user authentication scheme with smart cards. In this paper, we demonstrate that their scheme is vulnerable and susceptible to the attack and has some practical pitfalls. Their scheme performs unilateral authentication (only client authentication) and there is no mutual authentication between user and remote system, so their scheme suspects from the server spoofing attack. Furthermore, their scheme is slow in detecting the wrong input-password, and users cannot change their passwords. To solve the problems found in Wu-Chieu's scheme, we propose an efficient and secure remote mutual authentication scheme by using one-way hash functions. The computational cost and efficiency of the proposed scheme are better than other related published schemes.
Date of Conference: 23-24 April 2008