DoS-resistant ID-based password authentication scheme using smart cards |
| |
Authors: | Min-Shiang Hwang [Author Vitae] Song-Kong Chong [Author Vitae] [Author Vitae] |
| |
Affiliation: | a Department of Management Information Systems, National Chung Hsing University, 250 Kuo Kuang Road, Taichung 402, Taiwan, ROC b Department of Computer Science and Information Engineering, National Cheng-Kung University, 1 University Road, Tainan 701, Taiwan, ROC c Department of Computer Science and Engineering, National Chung Hsing University, 250 Kuo Kuang Road, Taichung 402, Taiwan, ROC |
| |
Abstract: | In this paper, we provide a defense mechanism to Kim-Lee-Yoo’s ID-based password authentication scheme, which is vulnerable to impersonation attacks and resource exhaustion attacks. Mutual authentication and communication privacy are regarded as essential requirements in today’s client/server-based architecture; therefore, a lightweight but secure mutual authentication method is introduced in the proposed scheme. Once the mutual authentication is successful, the session key will be established without any further computation. The proposed defense mechanism not only accomplishes the mutual authentication and the session key establishment, but also inherits the security advantages of Kim-Lee-Yoo’s scheme, e.g. it is secure against password guessing attacks and message replay attacks. |
| |
Keywords: | ID-based scheme Client puzzles Password authentication Resources exhaustion attack Smart card |
本文献已被 ScienceDirect 等数据库收录! |
|