The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
In this paper, we describe how security and privacy can be increased in user-centric Identity Management (IdM) by the introduction of a so-called IdM card. This IdM card securely stores and processes identity data of the card owner, an end user. The card represents a trusted device that supports the user in managing its digital identities and also in performing secure and privacy-enhanced service...
In order to protect the security of online transactions, e-commerce systems generally use PKI technology to meet the security demands of identity authentication, confidentiality and integrity of transaction information. But as storage carriers of digital certificate, IE browser is not safe or portable, and although USB-Key is relatively safe and convenient, it is easily be forgotten to carry. What's...
Magnetic stripe cards are widely used by many different organizations to provide both convenience and security. These types of cards are often relied on identification and personal authentication. However, they are not designed to withstand attacks that use the sophisticated technologies available today. For instance, skimming takes advantages of the fact that the digital content of a magnetic stripe...
In the present day, the requirements of security in modern information systems are increasing significantly. Among secure requirements, the personal identification plays an important role for authentications and access control. However, traditional id/password pairs could be disabled by modern hacking techniques and social engineering easily. In order to provide stronger access control for organizations,...
Since the number of server providing the facilities for users is usually more than one, remote user authentication schemes used for multi-server architectures, rather than single server circumstance, is considered. In 2007, Liao and Wang proposed a “secure dynamic ID based remote user authentication scheme for multi-server environment” that uses dynamic ID instead of static ID to achieve user's anonymity...
Access control to online banking accounts is a very critical topic for the always-on emerging society. In order to avoid phising threats resulting from classical mechanisms dealing with login and password tuples, the deployment of two-factor authentication tokens generating One Time Password (OTP) is recommended by many governmental organizations. A procedure based on EMV credit cards (the Chip Authentication...
Security concerns and privacy infringement can be serious problems in many applications of radio frequency identification (RFID) systems. Most of the problems are due to the lack of user control over the communication between RFID tags and readers. Giving the user control over the RFID link can alleviate potential security problems. A simple smart card that prevents unauthorized credit card payment...
In 2005, Yoon et al. proposed a user-friendly remote user authentication scheme using smart cards. The security of their scheme is based on one-way hash function and they claimed that their scheme is secured from attacks and achievable for proving mutual authentication, freely choosing password, no verification tables, and involving very lightweight hashing operations. However, we find that Yoon et...
Radio-frequency identification (RFID) technology is widespread developed and common for vehicle management in intelligent community. However, smart card used as the sole certificate of identification could also be impersonated by criminals when the card is lost or stolen. In this paper, an improvement design to the current widely-used vehicle monitoring systems, which utilize the RFID technology to...
With the proliferation of digitalization and steadily increasing storage and processing capacities of integrated circuits, the spectrum of potential applications of smart cards is constantly being expanded. One such application that has already enjoyed widespread adoption in different cities across the world is electronic-ticket system; commonly used for access control to public transportations as...
This paper introduces a new paradigm for strong authentication within the WEB2 landscape. We detail SSL smart cards working with dual SSL stacks. We describe the structure of a cheap client's platform, and we analyze its real time performances. We also take into account the impact of these infrastructures for WEB server's setup. Finally, we suggest solving scalability issues for credentials distribution,...
Password authentication is one of the simplest and the most convenient authentication mechanisms over insecure networks. One-time password authentication which uses dynamic password helps to enhance the security of password. In this paper, we suggest a new one-time password scheme using the smart card based on the bilinear pairings. By generating temporary identity, our scheme can provide anonymity...
In this paper, a novel efficient remote user authentication scheme using smart cards based on elliptic curve discrete logarithm problem (ECDLP) has been proposed. A remote user authentication scheme is a two-party protocol whereby an authentication server confirms the identity of a remote individual logging on to the server over an untrusted, unsecured network. The password based authentication schemes...
Password-based authentication schemes are the most widely used techniques for remote user authentication. Recently, Khan proposed an improvement to Wu-Chieu scheme to prevent the server spoofing attack and to allow the users to update their passwords freely and securely. In this paper, we do a cryptanalysis of khan's scheme and show that his scheme is vulnerable to the parallel session attack. Furthermore,...
Most remote user authentication schemes are designed by encryption or hash-function techniques. In terms of computational cost, the hash-function-based scheme is more simple and efficient. In 2008, under the conditions of using tamper-resistant smart card device and the verifier table storage technique, Chen-Lee proposed a novel mutual authentication protocol using hash function to solve remote user...
A multi-service smart card system enables users to access different services over an open network with a single smart card. Due to its highly economic and social benefits, the multi-service smart card system has drawn much attention in industrial and academic areas. However, the big hindrance to its wide employment is the risk of breaching user service confidentiality and privacy across different...
Password authentication has been adopted as one of the most commonly used solutions in a network environment to protect resources from unauthorized access. Recently, Shieh et al. and Yoon et al. respectively proposed a smart card based password authentication scheme. We show that these two schemes are both subject to forgery attacks provided that the information stored in the smart card is disclosed...
Recently, Das et al. proposed a dynamic ID-based remote user authentication scheme using smart cards. Liao et al. pointed out some weaknesses of Das et al.psilas scheme, and presented an improved scheme. However, an impersonate attack on Liao et al.psilas scheme is proposed, it proves that their scheme is also insecure. To overcome the weakness, the new scheme is presented. The advantage of the proposed...
This paper describes an AES smart card implementation highly tamper resistant to side channel attacks. Smart cards are gaining popularity in applications that require high security and store sensitive information. Modern smart cards, highly capable of complicated cryptology, provide a high assurance of tamper resistance and thus commonly used in payment application. Although advanced smart cards can...
Lately, remote user authentication schemes using smart cards have been researched to provide user privacy. Previously provided schemes based on smart cards were only concerned about providing mutual authentication with key exchange, but the schemes preserving user anonymity have been recently demanded because the user privacy is an important issue in many e-commerce applications. In 2007, Hu et al...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.