Cryptanalysis of a Dynamic ID-Based Remote User Authentication Scheme with Access Control for Multi-Server Environments

Debiao HE  Hao HU  

Publication
IEICE TRANSACTIONS on Information and Systems   Vol.E96-D   No.1   pp.138-140
Publication Date: 2013/01/01
Online ISSN: 1745-1361
DOI: 10.1587/transinf.E96.D.138
Print ISSN: 0916-8532
Type of Manuscript: LETTER
Category: Information Network
Keyword: 
authentication scheme,  multi-server environment,  dynamic ID-based,  anonymity,  

Full Text: PDF(60.5KB)>>
Buy this Article




Summary: 
Recently, Shao et al. [M. Shao and Y. Chin, A privacy-preserving dynamic id-based remote user authentication scheme with access control for multi-server environment, IEICE Transactions on Information and Systems, vol.E95-D, no.1, pp.161–168, 2012] proposed a dynamic ID-based remote user authentication scheme with access control for multi-server environments. They claimed that their scheme could withstand various attacks and provide anonymity. However, in this letter, we will point out that Shao et al.'s scheme has practical pitfalls and is not feasible for real-life implementation. We identify that their scheme is vulnerable to two kinds of attacks and cannot provide anonymity.