Abstract
Forward secrecy is one of the important properties of remote user authentication schemes to limit the effects of eventual failure of the entire system when the long-term private keys of one or more parties are compromised. Recently, Tsai et al. showed that Wang et al.'s dynamic ID-based remote user authentication scheme fails to achieve user anonymity and is vulnerable to user impersonation attack, and proposed an enhanced version to overcome all the identified flaws. In this paper, however, we will point out that, Tsai et al.'s scheme still suffers from the denial of service attack and cannot provide forward secrecy. To remedy these security flaws, we propose an enhanced authentication scheme, which covers all the identified weaknesses of Tsai et al.'s scheme and is more suitable for mobile application scenarios where resource constrained and security concerned. © 2012 Springer-Verlag Berlin Heidelberg.
Author supplied keywords
Cite
CITATION STYLE
Ma, C. G., Wang, D., Zhao, P., & Wang, Y. H. (2012). A new dynamic ID-based remote user authentication scheme with forward secrecy. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 7234 LNCS, pp. 199–211). https://doi.org/10.1007/978-3-642-29426-6_24
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
