|
|
|
| Cryptanalysis and Improvement of a Remote User Authentication Scheme for Resource-limited Environment |
| Wang Ding①③ Ma Chun-guang① Weng Chen② Jia Chun-fu② |
①(College of Computer Science and Technology, Harbin Engineering University, Harbin 150001, China)
②(College of Information Technology Science, Nankai University, Tianjin 300071, China)
③(Department of Training, Automobile Management Institute of PLA, Bengbu 233011, China) |
|
|
|
|
Abstract Recently Fang et al. (2011) proposed a password-based remote user authentication scheme using smart cards for resource-constrained environment, and claimed that their scheme was secure and practical. However, it is found that their scheme can not achieve the claimed security, it is vulnerable to offline password guessing attack, parallel session attack and known key attack. In addition, the password change phase of their scheme is not user-friendly and practical. Consequently, an improved scheme is presented and analyzed, the analysis shows that new scheme eliminates the defects of Fang et al.’s scheme while keeping the merit of high performance, suitable for resource-constrained and security-concerned application scenarios.
|
|
Received: 05 April 2012
|
|
|
|
Corresponding Authors:
Wang Ding
E-mail: wangdingg@mail.nankai.edu.cn
|
|
|
|
|
|
|
2012, Vol. 34 
