Cryptanalysis of a dynamic ID‐based remote user authentication with key agreement scheme |
| |
| Authors: | Hong‐bin Tang Xin‐song Liu |
| |
| Affiliation: | 1. CEPREI Certification body, , Guangzhou, 510610 P.?R. China;2. School of Computer Science and Engineering, University of Electronic Science and Technology of China, , Chengdu, 610054 China |
| |
| Abstract: | A dynamic user authentication scheme allows a user and a remote server to authenticate each other without leaking the user's identity. In 2011, Wen and Li proposed an improved dynamic ID‐based remote user authentication with key agreement scheme for mobile and home networks. They claimed that their scheme was more secure than the scheme of Wang et al. However, we demonstrate that their scheme is vulnerable to the privileged insider, off‐line password guessing, impersonation, and server spoofing attacks. At the same time, it does not provide any user anonymity and forward secrecy property. Thus, it is not feasible for real‐life implementation.Copyright © 2012 John Wiley & Sons, Ltd. |
| |
| Keywords: | password anonymity authentication protocol cryptography |
|
|
