An exquisite authentication scheme with key agreement preserving user anonymity

Mijin Kim, Seungjoo Kim, Dongho Won

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

In 2009, Liao et al. proposed an exquisite mutual authentication scheme with key agreement using smart cards to access a network system legally and securely. Liao et al.'s scheme adopted a transformed identity (TID) to avoid identity duplication. However, we find out that an adversary may exploit TID to achieve offline guessing attack. Liao et al.'s scheme is also exposed to man-in-the-middle attack and their claimed theorems and proofs are incorrect. We conduct detailed analysis of flaws in the scheme and its security proof. This paper proposes an improved scheme to overcome these problems and preserve user anonymity that is an issue in e-commerce applications.

Original languageEnglish
Title of host publicationWeb Information Systems and Mining - International Conference, WISM 2010, Proceedings
Pages244-253
Number of pages10
EditionM4D
DOIs
Publication statusPublished - 2010
Externally publishedYes
Event2010 International Conference on Web Information Systems and Mining, WISM 2010 - Sanya, China
Duration: 2010 Oct 232010 Oct 24

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
NumberM4D
Volume6318 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other2010 International Conference on Web Information Systems and Mining, WISM 2010
CountryChina
CitySanya
Period10/10/2310/10/24

Keywords

  • Key agreement
  • Mutual authentication
  • Transformed identity
  • User anonymity

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint Dive into the research topics of 'An exquisite authentication scheme with key agreement preserving user anonymity'. Together they form a unique fingerprint.

Cite this