Security improvement of two dynamic ID-based authentication schemes by Sood-Sarje-Singh

In 2010, Sood-Sarje-Singh proposed two dynamic ID-based remote user authentication schemes. The first scheme is a security improvement of Liao et al.’s scheme and the second scheme is a security improvement of Wang et al.’s scheme. In both cases, the authors claimed that their schemes can resist man...

Descripción completa

Detalles Bibliográficos
Autores: Martínez-Pelaez, Rafael, Rico Novella, Francisco José|||0000-0003-1025-5181, Forné Muñoz, Jorge|||0000-0002-8401-3292, Velarde-Alvarado, P.
Tipo de recurso: artículo
Fecha de publicación:2013
País:España
Institución:Universitat Politècnica de Catalunya (UPC)
Repositorio:UPCommons. Portal del coneixement obert de la UPC
Idioma:inglés
OAI Identifier:oai:upcommons.upc.edu:2117/21130
Acceso en línea:https://hdl.handle.net/2117/21130
Access Level:acceso abierto
Palabra clave:Data encryption (Computer science)
Cryptanalysis
Mutual authentication
Network security
Smart cards
Xifratge (Informàtica)
Àrees temàtiques de la UPC::Informàtica::Seguretat informàtica::Criptografia
Descripción
Sumario:In 2010, Sood-Sarje-Singh proposed two dynamic ID-based remote user authentication schemes. The first scheme is a security improvement of Liao et al.’s scheme and the second scheme is a security improvement of Wang et al.’s scheme. In both cases, the authors claimed that their schemes can resist many attacks. However, we find that both schemes have security flaws. In addition, their schemes require a verification table and time-synchronization, making the schemes unfeasible and unsecured for electronic services. In order to remedy the security flaws of Sood et al.’s schemes, we propose a robust scheme which resists the well-known attacks and achieves all the desirable security goals.