A secure dynamic ID based remote user authentication scheme for multi-server environment using smart cards

作者:

Highlights:

摘要

Recently, Hsiang et al. pointed out that Liao-Wang’s dynamic ID based remote user authentication scheme for multi-server environment is vulnerable to insider attack, masquerade attack, server spoofing attack, registration center attack and is not easily reparable. Besides, Liao-Wang’s scheme cannot achieve mutual authentication. For this, Hsiang et al. proposed an improved scheme to overcome these weaknesses and claimed that their scheme is efficient, secure, and suitable for the practical application environment. However, we observe that Hsiang et al.’s scheme is still vulnerable to a masquerade attack, server spoofing attack, and is not easily reparable. Furthermore, it cannot provide mutual authentication. Therefore, in this paper we propose an improved scheme to solve these weaknesses.

论文关键词:Authentication,Smart cards,Dynamic ID,Multi-server system,Password

论文评审过程:Available online 3 May 2011.

论文官网地址:https://doi.org/10.1016/j.eswa.2011.04.190