Journal
COMPUTER STANDARDS & INTERFACES
Volume 31, Issue 6, Pages 1118-1123Publisher
ELSEVIER
DOI: 10.1016/j.csi.2008.11.002
Keywords
Authentication; Dynamic ID; Multi-server; Mutual authentication; Password; Smart card
Ask authors/readers for more resources
Recently, Liao and Wang proposed a secure dynamic ID based remote user authentication scheme for multiserver environment, and claimed that their scheme was intended to provide mutual authentication, two-factor security, replay attack, server spoofing attack, insider and stolen verifier attack, forward secrecy and user anonymity. In this paper, we show that Liao and Wang's scheme is still vulnerable to insider's attack, masquerade attack, server spoofing attack, registration center spoofing attack and is not reparable. Furthermore, it fails to provide mutual authentication. To remedy these flaws, this paper proposes an efficient improvement over Liao-Wang's scheme with more security. The computation cost, security, and efficiency of the improved scheme are well suited to the practical applications environment. (C) 2008 Elsevier B.V. All rights reserved.
Authors
I am an author on this paper
Click your name to claim this paper and add it to your profile.
Reviews
Recommended
No Data Available