Security analysis of Ku-Chien''''s remote authentication scheme
Ku-Chien远程身份认证方案的安全性分析

Ku-Chien proposed a low cost and practical solution to password authentication using smart cards. The security of Ku-Chien's scheme was analyzed in this paper. It still has some weaknesses: it cannot resist parallel session attack; it also cannot withstand masquerading remote system attack. The reason of faults is due to the similar structure of secure information of login phase and authentication phase. Based on password changing counter, an enhanced password authentication scheme with better security strength was presented. This scheme has many merits: freely choosing and changing passwords; providing mutual authentication; resisting message replaying attack and inside attack; having strong security reparability; withstanding parallel session attack and remote system attack.