Security of two remote user authentication schemes using smart cards

Chien Lung Hsu

doi:10.1109/TCE.2003.1261216

Security of two remote user authentication schemes using smart cards

Chien Lung Hsu^*

^*Corresponding author for this work

National Taiwan University of Science and Technology

Research output: Contribution to journal › Journal Article › peer-review

23 Scopus citations

Abstract

In 2000, Sun proposed an efficient remote user authentication scheme using smart cards (published in IEEE Transactions on Consumer Electronics, Vol. 46, No. 4, 2000). Recently, Chien et al. pointed out that Sun's scheme only achieve the unilateral authentication. That is, only the authentication server can authenticate the legitimacy of the remote user while the user cannot authenticate that of the server. Chien et al. further proposed a new efficient and practical solution to achieve the mutual user authentication (published in Computers & Security, Vol. 21, No. 4, 2002). This paper, however, will demonstrate that Sun's scheme is vulnerable to the off-line and the on-line password guessing attacks and Chien et al.'s scheme is vulnerable to the parallel session attack.

Original language	English
Pages (from-to)	1196-1198
Number of pages	3
Journal	IEEE Transactions on Consumer Electronics
Volume	49
Issue number	4
DOIs	https://doi.org/10.1109/TCE.2003.1261216
State	Published - 11 2003
Externally published	Yes

Keywords

Authentication
Parallel session attack
Password guessing attack
Smart card

Access to Document

10.1109/TCE.2003.1261216

Cite this

@article{dee2abed6935436fbff18ee18e392fc7,

title = "Security of two remote user authentication schemes using smart cards",

abstract = "In 2000, Sun proposed an efficient remote user authentication scheme using smart cards (published in IEEE Transactions on Consumer Electronics, Vol. 46, No. 4, 2000). Recently, Chien et al. pointed out that Sun's scheme only achieve the unilateral authentication. That is, only the authentication server can authenticate the legitimacy of the remote user while the user cannot authenticate that of the server. Chien et al. further proposed a new efficient and practical solution to achieve the mutual user authentication (published in Computers & Security, Vol. 21, No. 4, 2002). This paper, however, will demonstrate that Sun's scheme is vulnerable to the off-line and the on-line password guessing attacks and Chien et al.'s scheme is vulnerable to the parallel session attack.",

keywords = "Authentication, Parallel session attack, Password guessing attack, Smart card",

author = "Hsu, {Chien Lung}",

year = "2003",

month = nov,

doi = "10.1109/TCE.2003.1261216",

language = "英语",

volume = "49",

pages = "1196--1198",

journal = "IEEE Transactions on Consumer Electronics",

issn = "0098-3063",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

number = "4",

}

TY - JOUR

T1 - Security of two remote user authentication schemes using smart cards

AU - Hsu, Chien Lung

PY - 2003/11

Y1 - 2003/11

N2 - In 2000, Sun proposed an efficient remote user authentication scheme using smart cards (published in IEEE Transactions on Consumer Electronics, Vol. 46, No. 4, 2000). Recently, Chien et al. pointed out that Sun's scheme only achieve the unilateral authentication. That is, only the authentication server can authenticate the legitimacy of the remote user while the user cannot authenticate that of the server. Chien et al. further proposed a new efficient and practical solution to achieve the mutual user authentication (published in Computers & Security, Vol. 21, No. 4, 2002). This paper, however, will demonstrate that Sun's scheme is vulnerable to the off-line and the on-line password guessing attacks and Chien et al.'s scheme is vulnerable to the parallel session attack.

AB - In 2000, Sun proposed an efficient remote user authentication scheme using smart cards (published in IEEE Transactions on Consumer Electronics, Vol. 46, No. 4, 2000). Recently, Chien et al. pointed out that Sun's scheme only achieve the unilateral authentication. That is, only the authentication server can authenticate the legitimacy of the remote user while the user cannot authenticate that of the server. Chien et al. further proposed a new efficient and practical solution to achieve the mutual user authentication (published in Computers & Security, Vol. 21, No. 4, 2002). This paper, however, will demonstrate that Sun's scheme is vulnerable to the off-line and the on-line password guessing attacks and Chien et al.'s scheme is vulnerable to the parallel session attack.

KW - Authentication

KW - Parallel session attack

KW - Password guessing attack

KW - Smart card

UR - http://www.scopus.com/inward/record.url?scp=1542542682&partnerID=8YFLogxK

U2 - 10.1109/TCE.2003.1261216

DO - 10.1109/TCE.2003.1261216

M3 - 文章

AN - SCOPUS:1542542682

SN - 0098-3063

VL - 49

SP - 1196

EP - 1198

JO - IEEE Transactions on Consumer Electronics

JF - IEEE Transactions on Consumer Electronics

IS - 4

ER -

Security of two remote user authentication schemes using smart cards

Abstract

Keywords

Access to Document

Other files and links

Fingerprint

Cite this