Further Improved Remote User Authentication Scheme

Jung-Yoon KIM  Hyoung-Kee CHOI  John A. COPELAND  

IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences   Vol.E94-A   No.6   pp.1426-1433
Publication Date: 2011/06/01
Online ISSN: 1745-1337
DOI: 10.1587/transfun.E94.A.1426
Print ISSN: 0916-8508
Type of Manuscript: PAPER
Category: Cryptography and Information Security
network-level security and protection,  authentication,  security,  password,  

Full Text: PDF(439.9KB)>>
Buy this Article

Kim and Chung previously proposed a password-based user authentication scheme to improve Yoon and Yoo's scheme. However, Kim and Chung's scheme is still vulnerable to an offline password guessing attack, an unlimited online password guessing attack, and server impersonation. We illustrate how their scheme can be compromised and then propose an improved scheme to overcome the weaknesses. Our improvement is based on the Rabin cryptosystem. We verify the correctness of our proposed scheme using the BAN logic.