Premium
Improvement of robust smart‐card‐based password authentication scheme
Author(s) -
Jiang Qi,
Ma Jianfeng,
Li Guangsong,
Li Xinghua
Publication year - 2013
Publication title -
international journal of communication systems
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.344
H-Index - 49
eISSN - 1099-1131
pISSN - 1074-5351
DOI - 10.1002/dac.2644
Subject(s) - computer science , smart card , password , computer security , scheme (mathematics) , one time password , challenge–response authentication , s/key , authentication (law) , password cracking , password policy , authentication protocol , password strength , mathematical analysis , mathematics
SUMMARY Smart‐card‐based password authentication scheme is one of the commonly used mechanisms to prevent unauthorized service and resource access and to remove the potential security threats over the insecure networks and has been investigated extensively in the last decade. Recently, Chen et al . proposed a smart‐card‐based password authentication scheme and claimed that the scheme can withstand offline password guessing attacks even if the information stored in the smart card is extracted by the adversary. However, we observe that the scheme of Chen et al . is insecure against offline password guessing attacks in this case. To remedy this security problem, we propose an improved authentication protocol, which inherits the merits of the scheme of Chen et al . and is free from the security flaw of their scheme. Compared with the previous schemes, our improved scheme provides more security guarantees while keeping efficiency. Copyright © 2013 John Wiley & Sons, Ltd.