Title: Security analysis and improvement of a mutual authentication scheme under trusted computing
Authors: Fahad T. Bin Muhaya
Addresses: Prince Muqrin Chair for IT Security (PMC), Department of Management Information Systems, College of Business Administration, King Saud University, Saudi Arabia
Abstract: Recently, Yang et al. proposed a smart card and password-based mutual authentication scheme under trusted computing, and they claimed that their scheme can resist kinds of attacks. But they did not consider the stolen smart card attack which is an important attack in smart card-based authentication scheme. In this paper, we first analyse the stolen smart card attack to Yang et al.'s scheme, and then propose an enhanced mutual authentication scheme for trusted computing. Our scheme can resist the stolen smart card attack and other attacks, and can quickly detect the unauthorised login at the beginning when the user input the wrong identity or wrong password.
Keywords: user authentication; passwords; stolen smart cards; cryptanalysis; trusted computing; trust; cryptography; security analysis; mutual authentication; unauthorised login; wrong identity; wrong password.
DOI: 10.1504/IJAHUC.2015.067775
International Journal of Ad Hoc and Ubiquitous Computing, 2015 Vol.18 No.1/2, pp.37 - 44
Received: 16 Sep 2013
Accepted: 22 Jan 2014
Published online: 05 Mar 2015 *