The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
In many protocols, registration center (RC) is just responsible for users' and servers' registration, so a malicious server may cheat users to serve as another legal server. It's necessary to verify the legality of both users and servers with the help of a third trusted party such as RC. In 2012, Li et al. proposed a dynamic identity based authentication protocol for multiserver environment. But their...
From the view point of users, security and efficiency are two main factors for any authentication scheme. It's particularly important in multi-server architecture authentication protocol, because users can login many servers with only one password and one identity. In practical cases, users usually choose the password that can be remembered easily (human-memorable), which has low entropy and can be...
In 2014, Tu et al. proposed an authentication scheme for session initiation protocol. Very soon Farash realized that Tu et al.'s scheme can not resist server forgery attack, then Farash proposed an improved protocol. However in this paper, we show that Tu et al.'s scheme can not resist server forgery attack as well as strong replay and denial of services attack. Furthermore, we show that Farash's...
The advancement of communication technology resulted in increasing number of security threats over public Internet on remote servers. In 2014, Shipra et al. proposed an improved remote user authentication scheme using smart cards with check digits. Shipra et al. claimed that their scheme is secure and efficient against all major cryptographic attacks. Unfortunately, their scheme is vulnerable to some...
With the rapid development of wireless communication technologies, there is an exponential increase in usage of handheld devices to connect to remote servers. The advancement of communication technology also resulted in increasing number of security threats in public Internet. The resource (processing capacity, memory, battery) constraint nature of hand held devices is a serious bottle neck in implementing...
A secure smart-card multi-server authentication scheme has been proposed using Diffie-Hellman, Hash-Function and XOR. The scheme made no use of verification table, or encryption techniques, or timestamps to generate a session key to provide secure communication between user and server and resists all possible security attacks, such as Man-in-the-Middle attack, Impersonation attack, Insider attack...
Recently, Yang et al. Proposed a remote user authentication scheme using smart card. Through careful cryptanalysis, we find that Yang et al.'s scheme is not repairable, and cannot achieve mutual authentication and session key agreement. To overcome these security flaws, we propose a new remote user authentication scheme with smart card. In the proposed scheme, the user can choose his/her password...
To safeguard trustworthy remote user authentication services, various user authentication schemes for internet based E-Commerce, M-Commerce applications has been proposed. These schemes are proposed with an intention to legalize only authorized access to remote server resources, so that critical information can be protected from misuse. Very recently, A.K Das et al. proposed a user remote user authentication...
In this paper we propose a remote password authentication scheme based on a circle. This scheme is simple and practically feasible in a multi-server environment. In this scheme, we use some simple tangent theorem like secant tangent theorem and a strong one way function to authenticate the user and the server. Furthermore, a legal user can freely choose and change his password using his smart card...
In 2012, Sonwanshi et al. proposed an efficient smart card based remote user authentication scheme using hash function. They claimed that the scheme resists most current possible attacks. However, in the following year, Das et al. found that Sonwanshi et al.'s scheme is vulnerable to offline password guessing attack. In this paper, we point out that there exist additional security defects such as...
Remote user authentication is an important and efficient method to ensure security for many network-based application systems. So far, several dynamic identity based authentication schemes have been proposed to protect the user's anonymity. Recently, Sood pointed out the security weaknesses of a dynamic identity based authentication scheme, which was proposed by Wang et al. presented an improved scheme...
When user wants to access a network service, he/she must authenticate his/herself to the server. With the increasing of the different network services, it is extremely hard for user to remember the different ID and password, so the multi-server authentication protocols have been proposed to solve this problem. There are some authentication protocols for multi-server architecture using smart cards,...
In the present Internet age, one of the main challenging tasks is to provide confidentiality for user's transaction. Various authentication schemes have been proposed to secure the data from unauthorized users. One of the most prominent schemes is password based smart card authentication scheme used to withstand the possible attacks for verification table. However, most of these schemes are vulnerable...
To conduct secure communications in wireless networks, clients must create safer keys from the recorded less secure passwords -- known as Password-Authenticated Key Exchange (PAKE). As attacker capability has evolved quickly, PAKE protocols must progress with time to fight against possible attacks. This paper makes an analytical survey on current cross-realm client-to-client (C2C) PAKE protocols and...
In this paper, we first present the concept of a “fair” password authentication system which means that when a user provides a password that is unable to pass the authentication, the system is capable of taking a step ahead to detect and determine the real cause of the authentication failure, whether it was the user's own problem or that the authentication files had already been tampered with or damaged...
In 2010, Yuan et al. proposed a biometric-based user authentication scheme for wireless sensor networks (WSN). However, this paper demonstrates that Yuan et al.'s scheme has some drawbacks: insider attack, impersonation attack by a malicious registered user, and GW-node or sensor node impersonate attacks. To mitigate the security breaches, this paper also proposes a new biometric-based user authentication...
Authentication schemes play vital roles in computer and communication security. In order to authenticate the remote users, password based schemes have been widely used. In this paper we introduce a secure remote user authentication scheme based on bilinear pairing that satisfies all security requirements which are mentioned for password based authentication schemes using smart card.
Sealed storage and access control are the characteristics of USB KEY integrated with smart card, a kind of USB KEY-based approach for virtual assets protection is presented. Virtual assets of users are stored in the hidden partition of USB KEY which is not able to read out, it would be displayed on the screen of USB KEY after user's PIN verified. If a PIN is blocked, it must be reloaded, it is designed...
Since the number of server providing the facilities for users is usually more than one, remote user authentication schemes used for multi-server architectures, rather than single server circumstance, is considered. In 2009, Hsiang and Shih proposed an “Improvement of the secure dynamic ID based remote user authentication scheme for multi-server environment” that uses dynamic ID instead of static ID...
This paper proposes a new efficient and secure multiserver authentication scheme based on one-way hash function without verification table to minimize the complexity of hash operation among all users and fit multi-server communication environments. Compare with related multi-serve authentication schemes, the proposed scheme has strong security and enhanced computational efficiency. Thus, the proposed...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.