Computers (Jan 2018)

An Improvement on Remote User Authentication Schemes Using Smart Cards

  • Chin-Ling Chen,
  • Yong-Yuan Deng,
  • Yung-Wen Tang,
  • Jung-Hsuan Chen,
  • Yu-Fan Lin

DOI
https://doi.org/10.3390/computers7010009
Journal volume & issue
Vol. 7, no. 1
p. 9

Abstract

Read online

In 2010, Yeh et al. proposed two robust remote user authentication schemes using smart cards; their claims were such that their schemes defended against ID-theft attacks, reply attacks, undetectable on-line password guessing attacks, off-line password guessing attacks, user impersonation attack, server counterfeit attack and man-in-the-middle attack. In this paper, we show that Yeh et al.’s schemes are still vulnerable to ID-theft attack, off-line password guessing attacks, undetectable on-line password guessing attacks and user impersonation attack. Notably, problems remain in situations where the user lost a smart card or the malicious legal user. To remedy these flaws, this paper proposes an improvement on Yeh et al.’s remote user authentication schemes using smart cards.

Keywords