In 2000,a remote user authentication scheme using smart cards was proposed and the masquerade attacks were proved successful on this scheme.Recently,Kumar has suggested the idea of check digits to overcome the above a...In 2000,a remote user authentication scheme using smart cards was proposed and the masquerade attacks were proved successful on this scheme.Recently,Kumar has suggested the idea of check digits to overcome the above attacks with a new scheme that removes these threats well.In this paper it is pointed out that the weakness still exists in Kumar's scheme,and the intruder can login to the remote system through having some information.A new scheme which can overcome these attacks and appears more secure and efficient than Kumar's is presented.展开更多
Remote user authentication is essential in distributed network environment to protect unauthorized access of a networked system. However, most of those existing remote user authentication schemes have not provided the...Remote user authentication is essential in distributed network environment to protect unauthorized access of a networked system. However, most of those existing remote user authentication schemes have not provided the user identity anonymity, while user anonymity is particularly important in some practical applications. Therefore, based on self-encryption mechanism, a new remote user authentication scheme was proposed. The scheme not only has no need of maintaining a password table at the remote server, but also can protect the user’s anonymity.展开更多
Remote user authentication schemes are used to verify the legitimacy of remote users’ login request. Recently, several dynamic user authentication schemes have been proposed. It can be seen that, these schemes have w...Remote user authentication schemes are used to verify the legitimacy of remote users’ login request. Recently, several dynamic user authentication schemes have been proposed. It can be seen that, these schemes have weaknesses because of using timestamps. The implement of strict and safe time synchronization is very difficult and increases network overhead. In this paper, we propose a new dynamic user authentication based on nonce. Mutual authentication is performed using a challenge-response handshake between user and server, and it avoids the problems of synchronism between smart card and the remote server. Besides, the scheme provides user’s anonymity and session key agreement. Finally, the security analysis and performance evaluation show that the scheme can resist several attacks, and our proposal is feasible in terms of computation cost and communication cost.展开更多
Nowadays, the password-based remote user authentication mechanism using smart card is one of the simplest and convenient authentication ways to ensure secure communications over the public network environments. Recent...Nowadays, the password-based remote user authentication mechanism using smart card is one of the simplest and convenient authentication ways to ensure secure communications over the public network environments. Recently, Liu et al. proposed an efficient and secure smart card based password authentication scheme. However, we find that Liu et al.'s scheme is vulnerable to the off-line password guessing attack and user impersonation attack. Furthermore, it also cannot provide user anonymity. In this paper, we cryptanalyze Liu et al.'s scheme and propose a security enhanced user authentication scheme to overcome the aforementioned problems. Especially, in order to preserve the user anonymity and prevent the guessing attack, we use the dynamic identity technique. The analysis shows that the proposed scheme is more secure and efficient than other related authentication schemes.展开更多
Three user authentication schemes are proposed. The security of these new schemes is due to the used secure hash functions and the physically secure smart cards.
User authentication scheme allows user and server to authenticate each other, and generates a session key for the subsequent communication. How to resist the password guessing attacks and smart card stolen attacks are...User authentication scheme allows user and server to authenticate each other, and generates a session key for the subsequent communication. How to resist the password guessing attacks and smart card stolen attacks are two key problems for designing smart cart and password based user authentication scheme. In 2011, Li and Lee proposed a new smart cart and password based user authentication scheme with smart card revocation, and claimed that their scheme could be immunity to these attacks. In this paper, we show that Li and Lee's scheme is vulnerable to off-line password guessing attack once the information stored in smart card is extracted, and it does not provide perfect forward secrecy. A robust user authentication scheme with smart card revocation is then proposed. We use a most popular and widely used formal verification tool ProVerif, which is based on applied pi calculus, to prove that the proposed scheme achieves security and authentication.展开更多
When accessing remote services over public networks, a user authentication mechanism is required because these activities are executed in an insecure communication environment. Recently, Wang et al. proposed an authen...When accessing remote services over public networks, a user authentication mechanism is required because these activities are executed in an insecure communication environment. Recently, Wang et al. proposed an authentication and key agreement scheme preserving the privacy of secret keys and providing user anonymity. Later, Chang et al. indicated that their scheme suffers from two security flaws. First, it cannot resist DoS (denial-of-service) attack because the indicators for the next session are not consistent. Second, the user password may be modified by a malicious attacker because no authentication mechanism is applied before the user password is updated. To eliminate the security flaws and preserve the advantages of Wang et al.'s scheme, we propose an improvement in this paper.展开更多
Wireless sensor networks (WSNs) are vulnerable to security attacks due to their deployment and resource constraints.Considering that most large-scale WSNs follow a two-tiered architecture,we propose an efficient and d...Wireless sensor networks (WSNs) are vulnerable to security attacks due to their deployment and resource constraints.Considering that most large-scale WSNs follow a two-tiered architecture,we propose an efficient and denial-of-service (DoS)-resistant user authentication scheme for two-tiered WSNs.The proposed approach reduces the computational load,since it performs only simple operations,such as exclusive-OR and a one-way hash function.This feature is more suitable for the resource-limited sensor nodes and mobile devices.And it is unnecessary for master nodes to forward login request messages to the base station,or maintain a long user list.In addition,pseudonym identity is introduced to preserve user anonymity.Through clever design,our proposed scheme can prevent smart card breaches.Finally,security and performance analysis demonstrates the effectiveness and robustness of the proposed scheme.展开更多
基金the National Natural Science Foundation of China (10671051)the Natural Science Foundation of Zhejiang Province (103060)
文摘In 2000,a remote user authentication scheme using smart cards was proposed and the masquerade attacks were proved successful on this scheme.Recently,Kumar has suggested the idea of check digits to overcome the above attacks with a new scheme that removes these threats well.In this paper it is pointed out that the weakness still exists in Kumar's scheme,and the intruder can login to the remote system through having some information.A new scheme which can overcome these attacks and appears more secure and efficient than Kumar's is presented.
文摘Remote user authentication is essential in distributed network environment to protect unauthorized access of a networked system. However, most of those existing remote user authentication schemes have not provided the user identity anonymity, while user anonymity is particularly important in some practical applications. Therefore, based on self-encryption mechanism, a new remote user authentication scheme was proposed. The scheme not only has no need of maintaining a password table at the remote server, but also can protect the user’s anonymity.
文摘Remote user authentication schemes are used to verify the legitimacy of remote users’ login request. Recently, several dynamic user authentication schemes have been proposed. It can be seen that, these schemes have weaknesses because of using timestamps. The implement of strict and safe time synchronization is very difficult and increases network overhead. In this paper, we propose a new dynamic user authentication based on nonce. Mutual authentication is performed using a challenge-response handshake between user and server, and it avoids the problems of synchronism between smart card and the remote server. Besides, the scheme provides user’s anonymity and session key agreement. Finally, the security analysis and performance evaluation show that the scheme can resist several attacks, and our proposal is feasible in terms of computation cost and communication cost.
基金supported by the Basic Science ResearchProgram through the National Research Foundation of Korea funded by the Ministry of Education under Grant No.NRF-2010-0020210
文摘Nowadays, the password-based remote user authentication mechanism using smart card is one of the simplest and convenient authentication ways to ensure secure communications over the public network environments. Recently, Liu et al. proposed an efficient and secure smart card based password authentication scheme. However, we find that Liu et al.'s scheme is vulnerable to the off-line password guessing attack and user impersonation attack. Furthermore, it also cannot provide user anonymity. In this paper, we cryptanalyze Liu et al.'s scheme and propose a security enhanced user authentication scheme to overcome the aforementioned problems. Especially, in order to preserve the user anonymity and prevent the guessing attack, we use the dynamic identity technique. The analysis shows that the proposed scheme is more secure and efficient than other related authentication schemes.
文摘Three user authentication schemes are proposed. The security of these new schemes is due to the used secure hash functions and the physically secure smart cards.
基金the National Basic Research Development(973) Program of China(No.2013CB834205)the National Natural Science Foundation of China(Nos.61070153 and 61103209)+1 种基金the Natural Science Foundation of Zhejiang Province(Nos.LZ12F02005 and LY12F02006)the Education Department Foundation of Zhejiang Province(No.Y201222977)
文摘User authentication scheme allows user and server to authenticate each other, and generates a session key for the subsequent communication. How to resist the password guessing attacks and smart card stolen attacks are two key problems for designing smart cart and password based user authentication scheme. In 2011, Li and Lee proposed a new smart cart and password based user authentication scheme with smart card revocation, and claimed that their scheme could be immunity to these attacks. In this paper, we show that Li and Lee's scheme is vulnerable to off-line password guessing attack once the information stored in smart card is extracted, and it does not provide perfect forward secrecy. A robust user authentication scheme with smart card revocation is then proposed. We use a most popular and widely used formal verification tool ProVerif, which is based on applied pi calculus, to prove that the proposed scheme achieves security and authentication.
基金supported by National Science Council under Grant No. 98-2221-E-025-007- and 99-2410-H-025-010-MY2
文摘When accessing remote services over public networks, a user authentication mechanism is required because these activities are executed in an insecure communication environment. Recently, Wang et al. proposed an authentication and key agreement scheme preserving the privacy of secret keys and providing user anonymity. Later, Chang et al. indicated that their scheme suffers from two security flaws. First, it cannot resist DoS (denial-of-service) attack because the indicators for the next session are not consistent. Second, the user password may be modified by a malicious attacker because no authentication mechanism is applied before the user password is updated. To eliminate the security flaws and preserve the advantages of Wang et al.'s scheme, we propose an improvement in this paper.
基金This work was supported by the National Natural Sciences Foundation of China (Grant Nos. 61300181, 61272057, 61202434, 61170270, 61100203 and 61121061), the Fundamental Research Funds for the Central Universities (2012RC0612, 2011YB01), China Postdoctoral Science Foundation (2013M530561).
文摘Wireless sensor networks (WSNs) are vulnerable to security attacks due to their deployment and resource constraints.Considering that most large-scale WSNs follow a two-tiered architecture,we propose an efficient and denial-of-service (DoS)-resistant user authentication scheme for two-tiered WSNs.The proposed approach reduces the computational load,since it performs only simple operations,such as exclusive-OR and a one-way hash function.This feature is more suitable for the resource-limited sensor nodes and mobile devices.And it is unnecessary for master nodes to forward login request messages to the base station,or maintain a long user list.In addition,pseudonym identity is introduced to preserve user anonymity.Through clever design,our proposed scheme can prevent smart card breaches.Finally,security and performance analysis demonstrates the effectiveness and robustness of the proposed scheme.