isrjournals
User Sign in    Editor Sign in

an efficient and practical solution to secure password-authenticated scheme using smart card

R. Deepa,R. Prabhu

Published in International Journal of Advanced Research in Computer Science Engineering and Information Technology

ISSN: 2321-3337          Impact Factor:1.521         Volume:5         Issue:1         Year: 25 March,2015         Pages:391-396

International Journal of Advanced Research in Computer Science Engineering and Information Technology

Abstract

This paper outlines and discusses about the smart card based password authentication scheme. Smart cards are the commonly used security mechanism used for several application especially security related ones. This paper addresses the two recently proposed protocols: i) attacker with pre-computed data ii) attacker with different data. Therefore, we propose an improved scheme to overcome the weakness and to improve the benefits of our new scheme. In addition, our improved scheme is secure under both online and offline dictionary attack.

Kewords

Authentication, Key Exchange, Dictionary attacks, Smart card, Network Security.

Reference

[1] Xinyi Huang, Xiaofeng Chen, Jin Li, Yang Xiang, “further observations on smart card based password-authenticated key agreement in distributed systems”, IEEE Trans. Parallel and distributed systems, vol.25, No.7, July 2014. [2] W. S. Juang, S. T. Chen, and H. T. Liaw, “Robust and efficient password authenticated key agreement using smart cards,” IEEE Trans. Ind. Electron., vol. 55, no. 6, pp. 2551-2556, Jun. 2008. [3] D. Z. Sun, J. D. Zhong, and Y. Sun, “Weakness and improvement on Wang-Li-Tie’s user-friendly remote authentication scheme,” Appl. Math. Comput., vol. 170, no. 2, pp. 1185-1193, Nov. 2005. [4] C.-I Fan, Y.-C Chan, and Z.-K Zhang, “Robust remote authentication scheme with smart cards”. Comput. Secur., vol. 24, no. 8, pp. 619-628, Nov. 2005. [5] NIST, Recommendation for block cipher modes of operation, NIST special publication 800-38A 2001 Edition, dec 2001, Washington DC:U.S. Dept Commerce/NIST [6] X. Huang, Y. Xiang, A. Chonka, J. Zhou and R.H. Deng, “A Generic Framework for Three-Factor Authentication: Preserving Security and Privacy in Distributed Systems”, IEEE Trans. Parallel Distrib. Syst, vol. 22, no. 8, pp.1390-1397, Aug. 2011. [7] C.L. Hsu, “Security of Chien et al.’s remote user authentication scheme using smart cards”, Comput. Stand. Inter., vol. 26, no. 3, pp. 167C169, May 2004. [8] L. Lamport, “Password authentication with insecure communication,” Commun. ACM. vol. 24, no. 11, pp. 770-772, Nov. 1981. [9] T. S. Messerges, E. A. Dabbish, and R. H. Sloan, “Examining smart-card security under the threat of power analysis attacks,” IEEE Trans. Computers., vol. 51, no. 5, pp. 541-552, May. 2002. [10] J. Xu, W-T. Zhu, and D-G Feng, “An improved smart card based password authentication scheme with provable security”, Comput. Stand. Inter., vol. 31, vol. 4, pp. 723C728, Jun. 2009.