A remote user authentication scheme without using smart cards

Hyun Sook Rhee, Jeong Ok Kwon, Dong Hoon Lee

Research output: Contribution to journalReview articlepeer-review

66 Citations (Scopus)


User authentication is one of the fundamental procedures to ensure secure communications over an insecure public network channel. Especially, due to tamper-resistance and convenience in managing a password file, various user authentication schemes using smart cards have been proposed. A smart card however far from ubiquitous because of the high cost of a smart card and the infrastructure requirements. In this paper, we study secure user authentication using only a common storage device such as a universal serial bus (USB) memory, instead of using smart cards. We first show that the existing schemes using smart cards cannot be immediately converted into schemes using a common storage device. We then propose a practical and secure user authentication scheme, capable of supporting the use of the common storage device, which retains all the advantages of schemes using smart cards.

Original languageEnglish
Pages (from-to)6-13
Number of pages8
JournalComputer Standards and Interfaces
Issue number1
Publication statusPublished - 2009 Jan


  • Cryptography
  • Password
  • Smart card
  • User authentication

ASJC Scopus subject areas

  • Software
  • Hardware and Architecture
  • Law


Dive into the research topics of 'A remote user authentication scheme without using smart cards'. Together they form a unique fingerprint.

Cite this