A review and cryptanalysis of similar timestamp-based password authentication schemes using smart cards
The intent of this paper is to review some timestampbased password authentication schemes using smart cards which have similar working principles. Many of the proposed timestampbased password authentication schemes were subsequently found to be insecure. Here, we investigate three schemes with simil...
Saved in:
| Main Author: | |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Kohat University of Science and Technology (KUST), Pakistan
2010
|
| Subjects: | |
| Online Access: | http://irep.iium.edu.my/802/1/5653-19903-1-PB.pdf http://irep.iium.edu.my/802/ http://ijcnis.kust.edu.pk/article/view/5653 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | The intent of this paper is to review some timestampbased password authentication schemes using smart cards which have similar working principles. Many of the proposed timestampbased password authentication schemes were subsequently found to be insecure. Here, we investigate three schemes with similar working principles, show that they are vulnerable to tricky forgery attacks, and thus they fail to ensure the level of security that is needed for remote login procedure using smart cards. Though there are numerous works available in this field, to the best of our knowledge this is the first time we have found some critical flaws in these schemes that were not detected previously. Along with the proofs of their flaws and inefficiencies, we note down our solution which could surmount all sorts of known attacks and thus reduces the probability of intelligent forgery attacks. We provide a detailed literature review how the schemes have been developed and modified throughout years. We prove that some of the schemes which so far have been thought to be intractable are still flawed, in spite of their later improvements. |
|---|