A More Secure Dynamic ID-based Remote Authentication Scheme Using Smart Cards

Authors

Dianli Guo, School of Mathematical Sciences, University of Jinan, Jinan, 250022, China\\ Institute of Network Technology, Beijing University of Posts and Telecommunications, Beijing 100876, ChinaFollow
Fengtong Wen, School of Mathematical Sciences, University of Jinan, Jinan, 250022, China\\Follow
Chengbo Xu, School of Mathematical Sciences, University of Jinan, Jinan, 250022, ChinaFollow

Author Country (or Countries)

China

Abstract

In 2013, Chang et al. proposed an untraceable dynamic-identity-based remote user authentication scheme with verifiable password update. In this paper, we analyze Chang et al.s scheme and show that their scheme suffers from off-line password guessing attack, server spoofing attack and impersonation attack. Moreover, their scheme is traceable since the attacker can obtain the identity of the user. Thereby, we propose an alternative scheme based on elliptic curve cryptosystem and completely automated public turing test to tell computer and humans apart (CAPTCHA) technique. Besides, we demonstrate the completeness of the proposed scheme through the BAN-logic. Compared with other related existing schemes, the proposed scheme is relatively more secure and well suited for the practical application environment.

Recommended Citation

Guo, Dianli; Wen, Fengtong; and Xu, Chengbo (2015) "A More Secure Dynamic ID-based Remote Authentication Scheme Using Smart Cards," Applied Mathematics & Information Sciences: Vol. 09: Iss. 6, Article 48.
Available at: https://digitalcommons.aaru.edu.jo/amis/vol09/iss6/48