A remote user authentication scheme without using smart cards

Hyun Sook Rhee; Jeong Ok Kwon; Dong Hoon Lee

doi:10.1016/j.csi.2007.11.017

A remote user authentication scheme without using smart cards

Hyun Sook Rhee
, Jeong Ok Kwon
, Dong Hoon Lee^*

^*Corresponding author for this work

Research output: Contribution to journal › Review article › peer-review

66 Citations (Scopus)

Abstract

User authentication is one of the fundamental procedures to ensure secure communications over an insecure public network channel. Especially, due to tamper-resistance and convenience in managing a password file, various user authentication schemes using smart cards have been proposed. A smart card however far from ubiquitous because of the high cost of a smart card and the infrastructure requirements. In this paper, we study secure user authentication using only a common storage device such as a universal serial bus (USB) memory, instead of using smart cards. We first show that the existing schemes using smart cards cannot be immediately converted into schemes using a common storage device. We then propose a practical and secure user authentication scheme, capable of supporting the use of the common storage device, which retains all the advantages of schemes using smart cards.

Original language	English
Pages (from-to)	6-13
Number of pages	8
Journal	Computer Standards and Interfaces
Volume	31
Issue number	1
DOIs	https://doi.org/10.1016/j.csi.2007.11.017
Publication status	Published - 2009 Jan

Keywords

Cryptography
Password
Smart card
User authentication

ASJC Scopus subject areas

Software
Hardware and Architecture
Law

Access to Document

10.1016/j.csi.2007.11.017

Cite this

@article{d6d38c1c861546d29f26c065780beab2,

title = "A remote user authentication scheme without using smart cards",

abstract = "User authentication is one of the fundamental procedures to ensure secure communications over an insecure public network channel. Especially, due to tamper-resistance and convenience in managing a password file, various user authentication schemes using smart cards have been proposed. A smart card however far from ubiquitous because of the high cost of a smart card and the infrastructure requirements. In this paper, we study secure user authentication using only a common storage device such as a universal serial bus (USB) memory, instead of using smart cards. We first show that the existing schemes using smart cards cannot be immediately converted into schemes using a common storage device. We then propose a practical and secure user authentication scheme, capable of supporting the use of the common storage device, which retains all the advantages of schemes using smart cards.",

keywords = "Cryptography, Password, Smart card, User authentication",

author = "Rhee, \{Hyun Sook\} and Kwon, \{Jeong Ok\} and Lee, \{Dong Hoon\}",

year = "2009",

month = jan,

doi = "10.1016/j.csi.2007.11.017",

language = "English",

volume = "31",

pages = "6--13",

journal = "Computer Standards and Interfaces",

issn = "0920-5489",

publisher = "Elsevier B.V.",

number = "1",

}

TY - JOUR

T1 - A remote user authentication scheme without using smart cards

AU - Rhee, Hyun Sook

AU - Kwon, Jeong Ok

AU - Lee, Dong Hoon

PY - 2009/1

Y1 - 2009/1

N2 - User authentication is one of the fundamental procedures to ensure secure communications over an insecure public network channel. Especially, due to tamper-resistance and convenience in managing a password file, various user authentication schemes using smart cards have been proposed. A smart card however far from ubiquitous because of the high cost of a smart card and the infrastructure requirements. In this paper, we study secure user authentication using only a common storage device such as a universal serial bus (USB) memory, instead of using smart cards. We first show that the existing schemes using smart cards cannot be immediately converted into schemes using a common storage device. We then propose a practical and secure user authentication scheme, capable of supporting the use of the common storage device, which retains all the advantages of schemes using smart cards.

AB - User authentication is one of the fundamental procedures to ensure secure communications over an insecure public network channel. Especially, due to tamper-resistance and convenience in managing a password file, various user authentication schemes using smart cards have been proposed. A smart card however far from ubiquitous because of the high cost of a smart card and the infrastructure requirements. In this paper, we study secure user authentication using only a common storage device such as a universal serial bus (USB) memory, instead of using smart cards. We first show that the existing schemes using smart cards cannot be immediately converted into schemes using a common storage device. We then propose a practical and secure user authentication scheme, capable of supporting the use of the common storage device, which retains all the advantages of schemes using smart cards.

KW - Cryptography

KW - Password

KW - Smart card

KW - User authentication

UR - https://www.scopus.com/pages/publications/54349125537

U2 - 10.1016/j.csi.2007.11.017

DO - 10.1016/j.csi.2007.11.017

M3 - Review article

AN - SCOPUS:54349125537

SN - 0920-5489

VL - 31

SP - 6

EP - 13

JO - Computer Standards and Interfaces

JF - Computer Standards and Interfaces

IS - 1

ER -

A remote user authentication scheme without using smart cards

Abstract

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this