Recently, with the appearance of smart cards, many user authentication protocols using smart card have been proposed to mitigate the vulnerabilities in user authentication process. In 2004, Das et al. proposed a ID-based user authentication protocol that is secure against ID-theft and replay attack using smart card. In 2009, Wang et al. showed that Das et al.'s protocol is not secure to randomly chosen password attack and impersonation attack, and proposed an improved protocol. Their protocol provided mutual authentication and efficient password management. In this paper, we analyze the security weaknesses and point out the vulnerabilities of Wang et al.'s protocol.
|Number of pages||4|
|Journal||World Academy of Science, Engineering and Technology|
|Publication status||Published - 2009 Nov|
- Impersonation attack
- Message alteration attack
ASJC Scopus subject areas