01328nas a2200205 4500000000100000000000100001008004100002260000900043653002600052653002600078653001500104653002300119100001900142700001800161700001700179245005500196300001200251490000700263520085200270 2006 d c200610aMutual Authentication10aRemote Authentication10aSmart Card10aUser Impersonation1 aTzung-Her Chen1 aDu-Shiau Tsai1 aGwoboa Horng00aSecure User-Friendly Remote Authentication Schemes a111-1210 v183 a
Recently, Hwang and Li proposed a remote user authentication scheme that does not require a password table to verify the legitimacy of a legal user. This method uses smart cards. To benefit from this advantage, other research works have explored adding such features as reducing the computational cost, adopting user-friendly passwords, making it easier to change user passwords, etc. However, as cryptanalysis has evolved, a series of modifications that improve the known security flaws have been made subsequently. This article deals with a security problem found in a latest modification and improves it in order to construct a more secure function. The article also highlights a feature, mutual authentication between a server and users, found in many authentication protocols but seldom found in the considered series of modifications.