1 / 5

Improved remote authentication scheme with smart card

This paper presents an improved remote authentication scheme utilizing smart cards, addressing vulnerabilities in Wu-Chieu’s authentication method. The study details the registration, login, and verification phases, highlighting the critical weaknesses in Wu-Chieu's approach, such as susceptibility to forgery attacks. By proposing a refined methodology that strengthens security protocols, the authors, Lee and Chiu, enhance the authentication process and ensure a more reliable user experience. This innovation marks a significant advancement in computer security standards.

wardah
Télécharger la présentation

Improved remote authentication scheme with smart card

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Improved remote authentication scheme with smart card Source: Computer Standards and Interfaces Volume: 27, Issue: 2, January, 2005, pp. 177-180 Authors: Lee, Narn-Yih; Chiu, Yu-Chung Speaker: Mei-Yu Lin Date: 2005/05/19

  2. Outline • Wu-Chieu’s scheme • Attack on the Wu-Chieu scheme • Lee et al.’s scheme

  3. Wu-Chieu’sscheme Ui Server 1.Registration phase: Compute Ai=h(IDi, x) Store {IDi, Ai, Bi, h(), p, g} into Smart Card Select IDi, PWi 2.Login phase: 3.Verify phase: Compute C1=h(T1⊕Bi) m=(IDi, Bi*, C1 , T1) Check IDi Verify T’-T1 <= ΔT Compute C1*= h(T1⊕ Bi*) Verify C1*?=C1

  4. Wu-Chieu’sweakness Ui Server 1.Registration phase: Compute Ai=h(IDi, x) Store {IDi, Ai, Bi, h(), p, g} into Smart Card Select IDi, PWi 2.Login phase: 3.Verify phase: Compute C1=h(T1⊕Bi) m=(IDi, Bi*, C1 , T1) m=(IDi, Bi*, C1* , T1*) Check IDi Verify T’-T1 <= ΔT Compute C1*= h(T1⊕ Bi*) Verify C1*?=C1 forge attack

  5. Lee et al.’s scheme Ui Server 1.Registration phase: Compute Ai=h(IDi, x) Store {IDi, Ai, Bi, h(), p, g} into Smart Card Select IDi, PWi 2.Login phase: 3.Verify phase: Compute Zi=Bi*Ai mod p C1=h(T1⊕Bi*) m=(IDi, Bi*, C1 , T1) Check IDi Verify T’-T1 <= ΔT Ai=h(IDi, x) Compute C1*= h(T1⊕ (Zi/Ai mod p)) Verify C1*?=C1 m=(IDi, Zi, C1 , T1)

More Related