Open AccessA new password authentication and user anonymity scheme based on elliptic curve cryptography and smart card
Author(s) -
Li ChunTa
Publication year - 2013
Publication title -
iet information security
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.308
H-Index - 34
eISSN - 1751-8717
pISSN - 1751-8709
DOI - 10.1049/iet-ifs.2012.0058
Subject(s) - password , computer science , one time password , s/key , computer security , zero knowledge password proof , smart card , password cracking , password strength , challenge–response authentication , elliptic curve cryptography , cryptography , scheme (mathematics) , anonymity , salt (chemistry) , authentication (law) , authentication protocol , public key cryptography , encryption , mathematics , mathematical analysis , chemistry
Password authentication has been widely used in computer networks to provide secure remote access control. In this study, the authors show that the improved password authentication and update scheme based on elliptic curve cryptography proposed by Islam and Biswas is vulnerable to offline password guessing, stolen‐verifier and insider attacks. We propose an advanced smart card‐based password authentication and update scheme and extend the scheme to provide the privacy of the client. By comparing the criteria with other related schemes, our scheme not only solves several hard security threats but also satisfies more functionality features.