An Enhanced Secure Authentication Scheme with Anonymity for Wireless Environments

Woongryul JEON  Jeeyeon KIM  Junghyun NAM  Youngsook LEE  Dongho WON  

IEICE TRANSACTIONS on Communications   Vol.E95-B   No.7   pp.2505-2508
Publication Date: 2012/07/01
Online ISSN: 1745-1345
DOI: 10.1587/transcom.E95.B.2505
Print ISSN: 0916-8516
Type of Manuscript: LETTER
Category: Terrestrial Wireless Communication/Broadcasting Technologies
wireless communication,  anonymity,  user authentication,  password guessing attack,  

Full Text: PDF(201.3KB)>>
Buy this Article

As anonymity increasingly becomes a necessary and legitimate aim in many applications, a number of anonymous authentication schemes have been suggested over the years. Among the many schemes is Lee and Kwon's password-based authentication scheme for wireless environments. Compared with previous schemes, Lee and Kwon's scheme not only improves anonymity by employing random temporary IDs but also provides user-friendliness by allowing human-memorable passwords. In this letter, we point out that Lee and Kwon's scheme, despite its many merits, is vulnerable to off-line password guessing attacks and a forgery attack. In addition, we show how to eliminate these vulnerabilities.