Authors: Sandeep K. Sood
Addresses: Department of Computer Science and Engineering, G.N.D.U. Regional Campus, Gurdaspur, India
Abstract: Kim and Chung (2009) found that Yoon and Yoo|s scheme (2005) easily reveals a user|s password and is susceptible to masquerading user attack, masquerading server attack and stolen verifier attack. Therefore, Kim and Chung proposed a new remote user authentication scheme. They claimed that the proposed scheme resolves all aforementioned security flaws, while keeping the merits of Yoon and Yoo|s scheme. However, we found that Kim and Chung|s scheme is susceptible to masquerading user attack, masquerading server attack, offline dictionary attack using stolen smart card and parallel session attack. This paper improves Kim and Chung|s scheme that resolves the aforementioned security flaws, while keeping the merits of Kim and Chung|s scheme. The security of the proposed protocol depends upon two security parameters which makes difficult for an attacker to launch attacks on the proposed scheme. Therefore, the attacker can not get any meaningful authentication information from eavesdropping.
Keywords: cryptography; passwords; authentication protocol; smart cards; hash function; security flaws; eavesdropping; attacks; privacy protection.
International Journal of Multimedia Intelligence and Security, 2011 Vol.2 No.1, pp.75 - 89
Published online: 26 Jun 2011 *Full-text access for editors Access for subscribers Purchase this article Comment on this article