Paper Info
Title
An efficient dynamic ID based remote user authentication scheme using self-certified public keys for multi-server environment
Abstract
Recently, Li et al. analyzed Lee et al.'s multi-server authentication scheme and proposed a novel smart card and dynamic ID based remote user authentication scheme for multi-server environments. They claimed that their scheme can resist several kinds of attacks. However, through careful analysis, we find that Li et al.'s scheme is vulnerable to stolen smart card and offline dictionary attack, replay attack, impersonation attack and server spoofing attack. By analyzing other similar schemes, we find that the certain type of dynamic ID based multi-server authentication scheme in which only hash functions are used and no registration center participates in the authentication and session key agreement phase is hard to provide perfect efficient and secure authentication. To compensate for these shortcomings, we improve the recently proposed Liao et al.'s multi-server authentication scheme which is based on pairing and self-certified public keys, and propose a novel dynamic ID based remote user authentication scheme for multi-server environments. Liao et al.'s scheme is found vulnerable to offline dictionary attack and denial of service attack, and cannot provide user's anonymity and local password verification. However, our proposed scheme overcomes the shortcomings of Liao et al.'s scheme. Security and performance analyses show the proposed scheme is secure against various attacks and has many excellent features.
Year
Venue
Field
2013
CoRR
Dictionary attack,Authentication,Spoofing attack,Challenge–response authentication,Computer science,Computer security,Smart card,Password,Replay attack,Public-key cryptography
DocType
Volume
Citations 
Journal
abs/1305.6350
5
PageRank 
References 
Authors
0.41
18
4
Name
Order
Citations
PageRank
Dawei Zhao119320.38
Haipeng Peng246637.86
Shudong Li34712.98
Yixian Yang41121140.62