期刊
SECURITY AND COMMUNICATION NETWORKS
卷 7, 期 11, 页码 1921-1932出版社
WILEY-HINDAWI
DOI: 10.1002/sec.906
关键词
authentication; forged login attack; attack analysis; smart card loss; perfect secrecy
资金
- Deanship of Scientific Research at King Saud University [RGP-VPP-288]
- National Natural Science Foundation of China [61300220]
In 2003, Shen et al. proposed a timestamp-based password authentication scheme by using smart card. Later, in 2005 and 2008, this scheme was found susceptible to forged login attacks by some researchers, and improved schemes were proposed. In 2011, Awasthi et al. pointed out an additional security threat on the scheme of Shen et al. and also suggested remedy by proposing an enhanced scheme. In this paper, we analyze the additional attack identified by Awasthi et al. on the scheme of Shen et al. show its flaws and rectify it. Further, we find that the scheme of Awasthi et al. still fails to withstand forged login attack, smart card loss attack, offline password guessing attack, and so on, and also inherits some weaknesses from the original scheme. Therefore, we propose an improved version of the scheme of Awasthi et al. Our improved scheme not only resists the attacks that we depict on the scheme of Awasthi et al. but is also free from the attacks pointed out so far on the scheme of Shen et al. Copyright (c) 2013 John Wiley & Sons, Ltd.
作者
我是这篇论文的作者
点击您的名字以认领此论文并将其添加到您的个人资料中。
推荐
暂无数据