Affiliation:
1. Wufeng University
2. University of Pittsburgh
Abstract
Due to the rapid growth of computer and communication technologies, people obtain variety of online services quickly. However, all networks are vulnerable to lots of security threats and attacks. The remote authentication scheme provides an efficient method to validate the remote users and servers. Ahirwal and Sonwanshi proposed a remote user authentication scheme with smart card in 2012. They indicated that Song’s smart card based password authentication protocol cannot resist the offline password guessing attack, insider attack, forward secrecy and denial of service attack. They proposed an ID-based authentication scheme to fix security flaws. The scheme uses one-way hash function and bitwise XOR operation such that the computation complexity is very low. However, in this article, we will show that their scheme cannot withstand the offline password guessing attack as they declared. An adversary can use the intercepted messages of two login sessions to obtain the password.
Publisher
Trans Tech Publications, Ltd.
Cited by
1 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献
1. Resale Price Maintenance;SSRN Electronic Journal;1998