Cryptanalysis and Improvement of An 'Efficient Remote Mutual Authentication and Key Agreement'

A smart card based scheme is practical and widely used in remote mutual authentication. In 2006, Shieh-Wang pointed out the weakness of Juang's remote mutual authentication scheme using smart card and further proposed a novel one to improve Juang's. The advantages in Shieh-Wang:v scheme include effective mutual authentication freely chosen password no verification tables low compulational cost session key agreement and no synchronized clocks. However in 2007 Yoon-Yoo showed Mat Shieh-Wang's scheme does not provide perfect forward secrecy, and is vulnerable to a privileged insider's attack Furthermore, the current paper demonstrates that Shieh-Wang's scheme is also vulnerable to the parallel session attack and lack of wrong password detection and Men presents a more efficient and secure scheme to resolve all the above problems including those that, Yoon-Yoo has pointed out with less computational cost increase.