Improvement of robust smart‐card‐based password authentication scheme |
| |
| Authors: | Qi Jiang Jianfeng Ma Guangsong Li Xinghua Li |
| |
| Affiliation: | 1. School of Computer Science and Technology, Xidian University, Xi'an, China;2. Department of Information Research, Zhengzhou Information Science and Technology Institute, Zhengzhou, China |
| |
| Abstract: | Smart‐card‐based password authentication scheme is one of the commonly used mechanisms to prevent unauthorized service and resource access and to remove the potential security threats over the insecure networks and has been investigated extensively in the last decade. Recently, Chen et al. proposed a smart‐card‐based password authentication scheme and claimed that the scheme can withstand offline password guessing attacks even if the information stored in the smart card is extracted by the adversary. However, we observe that the scheme of Chen et al. is insecure against offline password guessing attacks in this case. To remedy this security problem, we propose an improved authentication protocol, which inherits the merits of the scheme of Chen et al. and is free from the security flaw of their scheme. Compared with the previous schemes, our improved scheme provides more security guarantees while keeping efficiency. Copyright © 2013 John Wiley & Sons, Ltd. |
| |
| Keywords: | remote access mutual authentication secure channel password smart card offline password guessing attack |
|
|
