oalib
Search Results: 1 - 10 of 100 matches for " "
All listed articles are free for downloading (OA Articles)
Page 1 /100
Display every page Item
An Enhanced Remote User Authentication Scheme  [PDF]
Xiaohui Yang, Xinchun Cui, Zhenliang Cao, Ziqiang Hu
Engineering (ENG) , 2014, DOI: 10.4236/eng.2014.66030
Abstract:

Remote user authentication schemes are used to verify the legitimacy of remote users’ login request. Recently, several dynamic user authentication schemes have been proposed. It can be seen that, these schemes have weaknesses because of using timestamps. The implement of strict and safe time synchronization is very difficult and increases network overhead. In this paper, we propose a new dynamic user authentication based on nonce. Mutual authentication is performed using a challenge-response handshake between user and server, and it avoids the problems of synchronism between smart card and the remote server. Besides, the scheme provides user’s anonymity and session key agreement. Finally, the security analysis and performance evaluation show that the scheme can resist several attacks, and our proposal is feasible in terms of computation cost and communication cost.

An approach for user authentication One Time Password (Numeric and Graphical) Scheme  [cached]
Brajesh Kumar Kushwaha
Journal of Global Research in Computer Science , 2012,
Abstract: Day by day number of Internet users increasing. Now people are using different online services provided by Banks, College/Schools, Hospitals, online utility bill payment and online shopping sites. To access online services Text-based authentication system is in use. The text-based authentication scheme faces some drawbacks with usability and security issues that bring troubles to users. For example, if the user is not very intelligently constructed the password with extra security measures, it is very easy to hack for an expert hacker. On the contrary, if a password is hard to guess, then it is often hard to remember. A person has to memorize as many password as many different websites he/she is using. So he/she gets confused and/or forgets the correct userId/password combinations. We should have an alternative system to overcome these problems. To deal with these drawbacks, authentication scheme that use a combination of images as password is proposed. Graphical passwords consist of clicking or dragging activities on the pictures rather than typing textual characters, might be the option to overcome the problems that arises from the Text-based password system. In this paper, a comprehensive study of the existing graphical password schemes and shoulder surfing problem is performed. The best way in asynchronous mode user/password validation and One Time Password authentication is proposed for enhancement in security and privacy.
An Enhanced Remote User Authentication Scheme with Smart Card  [cached]
Manoj Kumar
International Journal of Network Security , 2010,
Abstract: In 2000, Hwang and Li's proposed a new remote user authentication scheme with smart cards. Some researchers pointed out the security weaknesses of Hwang and Li's scheme and they also proposed some modified schemes to avoid these weaknesses. In 2004, Kumar proposed a new remote user authentication scheme and try to solve the security problems of Hwang and Li's scheme. This paper analyzes that Kumar's scheme does not satisfy some essential security requirements. Kumar's scheme does not support mutual authentication, session key generation phase for secure communication. In addition, in Kumar's scheme, the remote user is not free to change his password. This paper present an enhanced remote user authentication scheme with smart card that not only resolves all the security problems of Hwang and Li's scheme, but also adds mutual authentication, session key generation and password change phase to Kumar's scheme and provides forward secrecy to the long term secret key of the remote server. In the proposed scheme, first the server and user authenticate one another and then generate a secret session key for secure communication. In our scheme, the remote user is free to change his/her password without connecting to server.
On the Security of ``an efficient and complete remote user authentication scheme''  [PDF]
Manik Lal Das
Computer Science , 2008,
Abstract: Recently, Liaw et al. proposed a remote user authentication scheme using smart cards. Their scheme has claimed a number of features e.g. mutual authentication, no clock synchronization, no verifier table, flexible user password change, etc. We show that Liaw et al.'s scheme is completely insecure. By intercepting a valid login message in Liaw et al.'s scheme, any unregistered user or adversary can easily login to the remote system and establish a session key.
A Simple User Authentication Scheme for Grid Computing  [cached]
Rongxing Lu,Zhenfu Cao,Zhenchuan Chai,Xiaohui Liang
International Journal of Network Security , 2008,
Abstract: The security issue has become an important concern of grid computing. To prevent the grid resources from being illegally visited, the strong mutual authentication is needed for user and server. In this paper, based on the elliptic curve cryptosystem, we would like to propose an efficient user authentication scheme for grid computing. The proposed scheme only requires a one-way hash function and server private key, which makes it more simple.
Advanced Secure Remote User Authentication Scheme Preserving User Anonymity  [cached]
chandra sekhar vorugunti,Mrudula Sarvabhatla
Journal of Global Research in Computer Science , 2012,
Abstract: To ensure secure transmission of data and to authenticate remote user while accessing server resources, smart card based remote user authentication schemes have been widely adopted. In 2004, Das et al proposed first of its kind of protocol for remote user authentication with smart cards using Dynamic Id to protect user anonymity. In 2005, Chien et al pointed out that Das et al scheme failed to preserve user anonymity and the scheme is equivalent to open access without any password and proposed a new scheme to remedy of Das et al. In 2008 Bindu et al pointed out that Chien et al scheme is insecure against Insider attack and Man in the Middle attack and proposed a new scheme to remedy of Chien et al. In this paper we will show that Bindu et al scheme cannot preserve user anonymity under their assumption. In addition their scheme is vulnerable to user-impersonation attack, server-masquerading attack, Man in the Middle attack, stolen smart card attack, password guessing attack, replay attack, fails to achieve mutual authentication and perfect forward secrecy (PFS). We then present our improved scheme to overcome the vulnerabilities stated in Bindu et al’s scheme while preserving all the merits of their scheme.
Improving the Novikov and Kiselev User Authentication Scheme  [cached]
Min-Ho Kim,Cetin Kaya Koc
International Journal of Network Security , 2008,
Abstract: Novikov and Kiselev [7] proposed an authentication method of a user from a remote autonomous object. Recently, Yang et al. [12] and Awasthi [1] have pointed out that the Novikov-Kiselev scheme is insecure against the man-in-the-middle attack. In this article, we propose an improved version of the Novikov-Kiselev scheme to overcome such vulnerability.
A New Secure Remote User Authentication Scheme with Smart Cards  [cached]
Manoj Kumar
International Journal of Network Security , 2010,
Abstract: Remote user authentication scheme is one of the simplest and the most convenient authentication mechanisms to deal with secret data over insecure networks. These types of schemes are applicable to the areas such as computer networks, wireless networks, remote login systems, operation systems and database management systems.The goal of a remote user authentication scheme is to identify a valid card holder as having the rights and privileges indicated by the issuer of the card. In recent years, so many remote user authentication schemes have been proposed to authenticate a legitimate user, but none of them can solve all possible problems and withstand all possible attacks. This paper presents a secure remote user authentication scheme with smart cards. The proposed scheme provides the essential security requirements and achieves particular attributes.
Cryptanalysis of Sun and Cao's Remote Authentication Scheme with User Anonymity  [PDF]
Dheerendra Mishra
Computer Science , 2013,
Abstract: Dynamic ID-based remote user authentication schemes ensure efficient and anonymous mutual authentication between entities. In 2013, Khan et al. proposed an improved dynamic ID-based authentication scheme to overcome the security flaws of Wang et al.'s authentication scheme. Recently, Sun and Cao showed that Khan et al. does not satisfies the claim of the user's privacy and proposed an efficient authentication scheme with user anonymity. The Sun and Cao's scheme achieve improvement over Khan et al.'s scheme in both privacy and performance point of view. Unfortunately, we identify that Sun and Cao's scheme does not resist password guessing attack. Additionally, Sun and Cao's scheme does not achieve forward secrecy.
Two Attacks on A User Friendly Remote Authentication Scheme with Smart Cards
Kuo-Feng Hwang,En Liao
Asian Journal of Information Technology , 2012,
Abstract: Recently, Wu and Chieu proposed a user-friendly remote authentication scheme with smart card. In their scheme, the users can choose and change their passwords freely. However, their scheme is insecure. In this paper, we propose two attacks on their scheme.
Page 1 /100
Display every page Item


Home
Copyright © 2008-2017 Open Access Library. All rights reserved.