Abstract
Anonymity is one of the important properties of remote authentication schemes to preserve user privacy. Recently, Sood et al. showed that Wang et al.'s dynamic ID-based remote user authentication scheme fails to preserve user anonymity and is vulnerable to various attacks if the smart card is non-tamper resistant. Consequently, an improved version of dynamic ID-based authentication scheme was proposed and claimed that it is efficient and secure. In this paper, however, we will show that Sood et al.'s scheme still cannot preserve user anonymity under their assumption. In addition, their scheme is also vulnerable to the offline password guessing attack and the stolen verifier attack. To remedy these security flaws, we propose an enhanced authentication scheme, which covers all the identified weaknesses of Sood et al.'s scheme and is more secure and efficient for practical application environment. © 2012 Springer-Verlag.
Author supplied keywords
Cite
CITATION STYLE
Ma, C. G., Wang, D., & Zhang, Q. M. (2012). Cryptanalysis and improvement of Sood et al.’s dynamic ID-based authentication scheme. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 7154 LNCS, pp. 141–152). https://doi.org/10.1007/978-3-642-28073-3_13
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
