Security analysis of smart card based password authentication schemes

Hyun Seok Kim, Suk Seo, Jin Young Choi

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Citations (Scopus)

Abstract

In the last few years, researchers have extensively studied the key exchange protocol. In 2007, Kwon et al. proposed a simple three-step key exchange protocol using smart card. In 2008, Chen and Lee proposed a secure and efficient user authentication scheme using smart card that is modified to enhance the security of the series of the Peyravian-Zunic scheme. The current paper demonstrates the vulnerability of Kwon et al.'s protocol regarding off-line password guessing attack and forgery attack. Also, we show that Chen and Lee's scheme is still vulnerable to the off-line password guessing attack and has the non-reparability. In this paper, in addition, after analyzing the two protocols, we propose each of countermeasure against our attacks.

Original languageEnglish
Title of host publicationProceedings - 3rd International Conference on Information Sciences and Interaction Sciences, ICIS 2010
Pages352-356
Number of pages5
DOIs
Publication statusPublished - 2010
Event3rd International Conference on Information Sciences and Interaction Sciences, ICIS 2010 - Chengdu, China
Duration: 2010 Jun 232010 Jun 25

Publication series

NameProceedings - 3rd International Conference on Information Sciences and Interaction Sciences, ICIS 2010

Other

Other3rd International Conference on Information Sciences and Interaction Sciences, ICIS 2010
CountryChina
CityChengdu
Period10/6/2310/6/25

Keywords

  • Forgery attack
  • Key exchange protocol
  • Non-reparability
  • Off-line password guessing attack
  • Password-based authentication

ASJC Scopus subject areas

  • Human-Computer Interaction
  • Information Systems

Fingerprint Dive into the research topics of 'Security analysis of smart card based password authentication schemes'. Together they form a unique fingerprint.

  • Cite this

    Kim, H. S., Seo, S., & Choi, J. Y. (2010). Security analysis of smart card based password authentication schemes. In Proceedings - 3rd International Conference on Information Sciences and Interaction Sciences, ICIS 2010 (pp. 352-356). [5534807] (Proceedings - 3rd International Conference on Information Sciences and Interaction Sciences, ICIS 2010). https://doi.org/10.1109/ICICIS.2010.5534807