•  
  •  
 

Turkish Journal of Electrical Engineering and Computer Sciences

Authors

EUNJUN YOON

Abstract

Remote mutual authentication is an important part of security, along with confidentiality and integrity, for systems that allow remote access over untrustworthy networks, like the Internet. In 2006, Shieh-Wang pointed out the weakness of Juang's remote mutual authentication scheme using smart card and further proposed a novel remote user authentication scheme using smart card. However, this paper demonstrates that Shieh-Wang's scheme still does not provide perfect forward secrecy and is vulnerable to a privileged insider's attack. We also present an improved scheme based on the Elliptic Curve Diffie-Hellman problem (ECDHP) and secure one-way hash function, in order to isolate such security problems.

DOI

10.3906/elk-1004-16

Keywords

Authentication, password, key agreement, cryptanalysis, smart card, elliptic curve cryptosystem

First Page

335

Last Page

347

Share

COinS