Header menu link for other important links
Secure Smart Card Based Remote User Authentication Scheme for Multi-Server Environment to Eliminate Smart Card Security Breach
S saraswathi, , P yogesh
Published in American Scientific Publishers
Volume: 14
Issue: 11
Pages: 5174 - 5183
Remote user authentication technique based on smart card is a simple two-factor authentication technique that ensures secured access through insecure channels. Many smart card based remote user authentication schemes for single server and multi-server environments are proposed. In this paper, we focus on the remote user authentication scheme for the multi-server environment. Recently, Banerjee et al. analyze the capability of Li et al. scheme and find out that it is vulnerable to stolen smart card and user impersonate attack. Banerjee et al. propose a new scheme and claim that their scheme provides protection against various attacks. Braeken's analysis on Banerjee et al. shows that the scheme is not resistant to insider attack and also does not provide perfect forward secrecy. Our analysis on Braeken scheme shows that it is susceptible to impersonation attack, provides poor reparability and has no strong two factor security. Our analysis on these schemes shows that various attacks are possible as few parameters are insecurely stored in the smart card and are directly used in authentication phases. The dynamic property imposed in these schemes is based on a random number-nonce and this is either passed as plaintext or hidden by known parameters. We propose a new remote user multi-server authentication scheme based on Diffie-Hellman problem (DHP) and the one-way hash function to provide security to the data when transmitted. Our scheme fulfills the requirements of the multi-server authentication scheme and provides secure communication. © 2017 American Scientific Publishers.
About the journal
JournalData powered by TypesetJournal of Computational and Theoretical Nanoscience
PublisherData powered by TypesetAmerican Scientific Publishers
Open Access0