Secure User-Friendly Remote Authentication Schemes

Publication Type:

Journal Article

Source:

Information & Security: An International Journal, Volume 18, p.111-121 (2006)

Keywords:

Mutual Authentication, Remote Authentication, Smart Card, User Impersonation.

Abstract:

Recently, Hwang and Li proposed a remote user authentication scheme that does not require a password table to verify the legitimacy of a legal user. This method uses smart cards. To benefit from this advantage, other research works have explored adding such features as reducing the computational cost, adopting user-friendly passwords, making it easier to change user passwords, etc. However, as cryptanalysis has evolved, a series of modifications that improve the known security flaws have been made subsequently. This article deals with a security problem found in a latest modification and improves it in order to construct a more secure function. The article also highlights a feature, mutual authentication between a server and users, found in many authentication protocols but seldom found in the considered series of modifications.