Title: Security analysis and improvement of a mutual authentication scheme under trusted computing

Authors: Fahad T. Bin Muhaya

Addresses: Prince Muqrin Chair for IT Security (PMC), Department of Management Information Systems, College of Business Administration, King Saud University, Saudi Arabia

Abstract: Recently, Yang et al. proposed a smart card and password-based mutual authentication scheme under trusted computing, and they claimed that their scheme can resist kinds of attacks. But they did not consider the stolen smart card attack which is an important attack in smart card-based authentication scheme. In this paper, we first analyse the stolen smart card attack to Yang et al.'s scheme, and then propose an enhanced mutual authentication scheme for trusted computing. Our scheme can resist the stolen smart card attack and other attacks, and can quickly detect the unauthorised login at the beginning when the user input the wrong identity or wrong password.

Keywords: user authentication; passwords; stolen smart cards; cryptanalysis; trusted computing; trust; cryptography; security analysis; mutual authentication; unauthorised login; wrong identity; wrong password.

DOI: 10.1504/IJAHUC.2015.067775

International Journal of Ad Hoc and Ubiquitous Computing, 2015 Vol.18 No.1/2, pp.37 - 44

Received: 16 Sep 2013
Accepted: 22 Jan 2014
Published online: 05 Mar 2015 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article