A security enhanced mutual authentication scheme based on nonce and smart cards |
| |
Authors: | Wenbo Shi Debiao He |
| |
Affiliation: | 1. Department of Electronic Engineering, Northeastern University at Qinhuangdao, No. 143 Taishan Road, Economic and Technic Development Zone of Qinhuangdao, Qinhuangdao, Hebei 066004, Chinaswb319@hotmail.com;3. School of Mathematics and Statistics, Wuhan University, Luojiashan, Wuchang, Wuhan, Hubei 430072, China |
| |
Abstract: | There are many mutual authentication schemes proposed in the literature for preventing unauthorized parties from accessing resources in an insecure environment. However, most of them based on smart cards have assumed a tamper resistant condition for the smart card. To solve the problem, Huang, Liu, and Chen (2013) proposed a mutual authentication scheme based on nonce and smart cards and claimed that the adversary was not able to attack and access the system even if he could extract the data stored in the smart card. Unfortunately, in this paper, we will demonstrate that Huang et al.’s scheme is vulnerable to the offline password guessing attack and the privileged insider attack. We also propose an improved scheme to overcome the weaknesses. |
| |
Keywords: | mutual authentication smart card password |
|
|