01990nas a2200217 4500000000100000000000100001008004100002260000900043653002000052653002000072653002600092653001500118653001400133100001600147700001700163700001600180245006400196300001000260490000700270520149500277 2013 d c201310aForward secrecy10aGuessing attack10aRemote Authentication10aSmart Card10aTimestamp1 aManoj Kumar1 aMridul Gupta1 aSaru Kumari00aA Robust Remote User Authentication Scheme using Smart Card a79-970 v263 a

With the fast growth of e-commerce and enormous demand from numerous internet based applications, strong privacy protection and robust system security have become essential requirements for an authentication scheme or for a universal access control mechanism. The vision to ease functionality and achieve computation efficiency, design issues for efficient and secure remote user authentication scheme have been a preferred field of investigation by the research community in these two decades. In 2005, Liao et al. improved the dynamic ID-based scheme of Das et al. to achieve mutual authentication and also withstand various attacks. More recently, in 2009, Wang et al. crypt analysed Das et al.’s scheme and also proposed another remote user authentication scheme to eradicate pitfalls. Unfortunately both improvements have been found to be vulnerable and inefficient for real life implementation. The main goal of this paper is to propose a robust remote user authentication scheme using smart card that could not only withstand the traditional attacks, such as the man-in-the-middle attack, the replay attack, the forgery attack, the stolen smart card attack, and the denial of service attack, but also overcomes YLY attacks: perfect forward secrecy, the guessing attack, and the Denning- Sacco attack. Our scheme also establishes session key for secure communication between user and server and rules out possibility of reflection attack and replay attack through its design.