In a recent paper (AMIS, 6(2S), 2012), Lee proposed a dynamic ID-based user authentication scheme based on smart card which is believed to have many abilities to resist a range of network attacks. In this paper, we analyze the security of Lee’s scheme and show that the scheme is in fact insecure against insider-assisted attack, even if the adversary doesn’t know the secret information stored in the smart card. In addition, the adversary can perform off-line guessing attack and impersonation attack if the secret information stored in the smart card is compromised.
Digital Object Identifier (DOI)
Wen, Fengtong; Guo, Dianli; and Li, Xuelei
"Cryptanalysis of a New Dynamic ID-based User Authentication Scheme to Resist Smart-Card-Theft Attack,"
Applied Mathematics & Information Sciences: Vol. 08:
4, Article 43.
Available at: https://digitalcommons.aaru.edu.jo/amis/vol08/iss4/43