Abstract
Thirteen security requirements for an ideal password authentication scheme using smart cards are listed and a new smart card based password authentication scheme with identity anonymity is proposed. The new scheme can satisfy all the listed ideal security requirements and has the following merits: ① it can resist all the attacks listed in introduction; ② less storage memory requirement due to no verification table stored in server; ③ low computational cost due to hash functions based operations; ④ even if the smart card is lost, the new system is still secure; ⑤ As user identity is anonymous, this scheme is more practical. The new proposed scheme can be applied in source constraint networks.
Similar content being viewed by others
References
Diffie W, Hellman M E. New Directions in Cryptography[J]. IEEE Transactions on Information Theory, 1976, IT-22(6): 644–654.
Lamport L. Password Authentication with Insecure Communication [J]. Communications of the ACM, 1981, 24: 770–772.
Lee C C, Li L H, Hwang M S. A Remote User Authentication Scheme Using Hash Functions[J]. ACM Operating Systems Review, 2002, 36(4): 23–29.
Hwang M S, Li L H. A New Remote User Authentication Scheme Using Smart Cards[J]. IEEE Transactions on Consumer Electronics, 2000, 46(1): 8–30.
Lee S W, Kim H S, Yoo K Y. Improved Efficient Remote User Authentication Scheme Using Smart Cards[J]. IEEE Trans on Consumer Electronics, 2004, 46(2): 565–567.
Lu R x, Cao Z F Efficient Remote user authentication scheme using smart card [J]. Computer Networks 2005, 49(4): 535–540.
Juang W S. Efficient Password Authenticated Key Agreement Using Smart Cards[J]. Computers and Security, 2004, 23(2): 167–173
Shen J J, Lin C W, Hwang M S. A Modified Remote User Authentication Scheme Using Smart Cards[J]. IEEE Trans Consumer Electron, 2003, 49(2) 414–416.
Sun H M. An Efficient Remote User Authentication Scheme Using Smart Cards[J]. IEEE Transactions on Consumer Electronics, 2000, 46(4): 958–961.
Chien H Y, Jan J K, Tseng Y M. An Efficient and Practical Solution to Remote Authentication Smart Cards[J]. Computer and Security, 2002, 21(4): 372–375.
Ku W C, Chen S M. Weaknesses and Improvements of an Efficient Password Based Remote User Authentication Scheme Using Smart Cards[J]. IEEE Transactions on Consumer Electronics, 2004, 50(1): 204–207.
Yoon E J, Ryu K Y, Yoo K Y. Further Improvement of an Efficient Password Based Remote User Authentication Scheme Using Smart Cards[J]. IEEE Transactions on Consumer Electronics, 2004, 50(2): 612–614.
Wang X M, Zhang W F, Zhang J S et al. Cryptanalysis and Improvement on Two Efficient Remote User Authentication Scheme Using Smart Cards[J]. Computer Standards & Interfaces, 2007, 29: 507–512.
Yoon E J, Lee E J, Yoo K Y. Cryptanalysis of Wang et al’s Remote User Authentication Scheme Using Smart Cards[C]// Proc Fifth International Conference on Information Technology: New Generations. Las Vegas: IEEE Computer Society Press, 2008: 575–580.
Tsai C S, Lee C C, Hwang M S. Password Authentication Schemes: Current Status and Key Issues[J]. International Journal of Network Security, 2006, 3(2): 101–115.
Liao I E, Lee C C, Hwang M S. A Password Authentication Scheme over Insecure Networks[J]. Journal of Computer and System Sciences, 2006, 72: 727–740.
Ku W C, Chen C M, Hui L. Cryptanalysis of a Variant of Peyravian-zunic’s Password Authentication Scheme[J]. IEICE Transaction on Communications, 2003, E86-B(5): 1682–1684.
Author information
Authors and Affiliations
Corresponding author
Additional information
Foundation item: Supported by the National Natural Science Foundation of China (60373087, 60473023).
Biography: WANG Bangju(1971–), female, Ph.D. candidate, Lecturer of Huazhong Agricultural University. research direction: information security and cryptography.
Rights and permissions
About this article
Cite this article
Wang, B., Wang, Y. & Zhang, H. A new secure password authentication scheme using smart cards. Wuhan Univ. J. Nat. Sci. 13, 739–743 (2008). https://doi.org/10.1007/s11859-008-0620-4
Received:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11859-008-0620-4