Analysis and design of a smart card based authentication protocol

被引：0

作者：

Kuo-Hui Yeh

Kuo-Yu Tsai

Jia-Li Hou

机构：

[1] National Dong Hwa University,Department of Information Management

[2] Hwa Hsia Institute of Technology,Department of Management Information Systems

来源：

Journal of Zhejiang University SCIENCE C | 2013年 / 14卷

关键词：

Authentication; Privacy; Security; Smart card; TP309;

D O I：

暂无

中图分类号：

学科分类号：

摘要：

Numerous smart card based authentication protocols have been proposed to provide strong system security and robust individual privacy for communication between parties these days. Nevertheless, most of them do not provide formal analysis proof, and the security robustness is doubtful. Chang and Cheng (2011) proposed an efficient remote authentication protocol with smart cards and claimed that their proposed protocol could support secure communication in a multi-server environment. Unfortunately, there are opportunities for security enhancement in current schemes. In this paper, we identify the major weakness, i.e., session key disclosure, of a recently published protocol. We consequently propose a novel authentication scheme for a multi-server environment and give formal analysis proofs for security guarantees.

引用

页码：909 / 917

页数：8

共 27 条

[1]

Armando A(2004)SATMC: a SAT-based model checker for security protocols Log. Artif. Intell. 3229 730-733

[2]

Compagna L(2005)OFMC: a symbolic model-checker for security protocols Int. J. Inf. Secur. 4 181-208

[3]

Basin D(1990)A logic of authentication ACM Trans. Comput. Syst. 8 18-36

[4]

Mödersheim S(2011)A robust and efficient smart card based remote login mechanism for multi-server architecture Int. J. Innov. Comput. Inf. Control 7 4589-4602

[5]

Viganò L(2010)An anonymous and self-verified mobile authentication with authenticated key agreement for large-scale wireless networks IEEE Trans. Wirel. Commun. 9 3346-3353

[6]

Burrows M(2011)A smart card-based mobile secure transaction system for medical treatment examination reports Int. J. Innov. Comput. Inf. Control 7 2257-2267

[7]

Abadi M(2004)Efficient multi-server password authenticated key agreement using smart cards IEEE Trans. Consum. Electron. 50 251-255

[8]

Needham R(2008)A novel authentication protocol for multi-server architecture without smart cards Int. J. Innov. Comput. Inf. Control 4 1357-1364

[9]

Chang CC(2006)An efficient and complete remote user authentication scheme using smart cards Math. Comput. Modell. 44 223-228

[10]

Cheng TF(2003)A new remote user authentication scheme for multi-server architecture Fut. Gener. Comput. Syst. 19 13-22

← 1 2 3 →