By Topic

Attacks and improvement of “security enhancement for a dynamic id-based remote user authentication scheme”

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

4 Author(s)
Cheikrouhou, O. ; CES Res. Unit, Nat. Sch. of Eng., Sfax ; Boujelben, M. ; Koubaa, A. ; Abid, M.

In 2004, Das et al. proposed a ldquoDynamic ID-based Remote User Authentication Scheme using Smart Cardsrdquo. This scheme have the advantage that users can choose and change their password freely and the server does not maintain any verifier table, which avoid the risk of stolen/modifying this table. However, in 2005, Liao et al. demonstrated that Das et al.'s scheme suffers from guessing attacks, unilateral authentication and revealing of user password and propose improvements to prevent these shortcomings. However, in this paper, we demonstrate that Liao et al.'s scheme is not secure and it is vulnerable to stolen/lost smart card attack, impersonation (forgery) attack and password revealing attack. In fact, we prove that the scheme is equivalent to no password scheme. Then, we propose possible improvements to Liao et al.'s scheme. We demonstrate through comparison between the three schemes that the proposed one is more secure while maintaining the same computational overhead as Das et al.'s scheme.

Published in:

Computer Systems and Applications, 2009. AICCSA 2009. IEEE/ACS International Conference on

Date of Conference:

10-13 May 2009