TY - GEN
T1 - Security analysis of smart card based password authentication schemes
AU - Kim, Hyun Seok
AU - Seo, Suk
AU - Choi, Jin Young
PY - 2010
Y1 - 2010
N2 - In the last few years, researchers have extensively studied the key exchange protocol. In 2007, Kwon et al. proposed a simple three-step key exchange protocol using smart card. In 2008, Chen and Lee proposed a secure and efficient user authentication scheme using smart card that is modified to enhance the security of the series of the Peyravian-Zunic scheme. The current paper demonstrates the vulnerability of Kwon et al.'s protocol regarding off-line password guessing attack and forgery attack. Also, we show that Chen and Lee's scheme is still vulnerable to the off-line password guessing attack and has the non-reparability. In this paper, in addition, after analyzing the two protocols, we propose each of countermeasure against our attacks.
AB - In the last few years, researchers have extensively studied the key exchange protocol. In 2007, Kwon et al. proposed a simple three-step key exchange protocol using smart card. In 2008, Chen and Lee proposed a secure and efficient user authentication scheme using smart card that is modified to enhance the security of the series of the Peyravian-Zunic scheme. The current paper demonstrates the vulnerability of Kwon et al.'s protocol regarding off-line password guessing attack and forgery attack. Also, we show that Chen and Lee's scheme is still vulnerable to the off-line password guessing attack and has the non-reparability. In this paper, in addition, after analyzing the two protocols, we propose each of countermeasure against our attacks.
KW - Forgery attack
KW - Key exchange protocol
KW - Non-reparability
KW - Off-line password guessing attack
KW - Password-based authentication
UR - http://www.scopus.com/inward/record.url?scp=77957578693&partnerID=8YFLogxK
U2 - 10.1109/ICICIS.2010.5534807
DO - 10.1109/ICICIS.2010.5534807
M3 - Conference contribution
AN - SCOPUS:77957578693
SN - 9781424473854
T3 - Proceedings - 3rd International Conference on Information Sciences and Interaction Sciences, ICIS 2010
SP - 352
EP - 356
BT - Proceedings - 3rd International Conference on Information Sciences and Interaction Sciences, ICIS 2010
T2 - 3rd International Conference on Information Sciences and Interaction Sciences, ICIS 2010
Y2 - 23 June 2010 through 25 June 2010
ER -