By Topic

Improvement of Wang-Li's Forward-Secure User Authentication Scheme with Smart Cards

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Wen-Bing Horng ; Dept. of Comput. Sci. & Inf. Eng., Tamkang Univ., Taipei ; Cheng-Ping Lee

Smart card-based applications have been widely used in e-commerce for years. Therefore, many authentication schemes have been proposed to improve security over insecure networks. In 2006, Wang and Li pointed out that Yoon et al.'s remote user authentication scheme with smart cards does not provide the property of perfect forward secrecy; i.e., all previous session keys will be broken if the secret key of the remote server is compromised. They then proposed a new remote user authentication scheme based on the Diffie-Hellman algorithm to provide session key exchange capability with the perfect forward secrecy property. However, in this paper, we will first show that their new scheme is vulnerable to the offline password guessing attack, the parallel session attack, the reflection attack, and the insider attack. Then, we will present an improvement to overcome these weaknesses, while preserving all their merits.

Published in:

Intelligent Systems Design and Applications, 2008. ISDA '08. Eighth International Conference on  (Volume:1 )

Date of Conference:

26-28 Nov. 2008