Cryptanalysis and Improvement of an ECC-Based Password Authentication Scheme Using Smart Cards
Remote password authentication has been widely used in network systems and it aims to provide secure remote access control.In 2013, Li proposed a novel password authentication scheme based on elliptic curve cryptography and smart card 17.However, we found that Lis authentication scheme has a serious security problem in that all reg istered users sensitive passwords can be easily derived by the privileged insider of remote server.Therefore, in this paper, we propose a slight modification on Lis scheme to prevent the shortcomings.Our improved scheme not only inherits the advantages of Lis password authentication scheme but also remedies the serious security weakness of not being able to withstand insider attack.
Cryptanalysis Elliptic curve cryptography (ECC) Pass word authentication Insider attack Smart card
Cheng-Chi Lee Chun-Ta Li Chi-Yao Weng Jian-Jhong Jheng Xiao-Qian Zhang Yi-Rui Zhu
Department of Library and Information Science,Fu Jen Catholic University 510 Jhongjheng Road,New Tai Department of Information Management,Tainan University of Technology 529 Zhongzheng Road,Tainan City Department of Computer Science,National Tsing Hua University 101 Kuango-Fu Road,Hsinchu City 30013,T
国际会议
The 5th International Symposium on Cyberspace Safety and Security ( CSS2013)(第五届国际网络空间安全和安保研讨会)
张家界
英文
338-348
2013-11-13(万方平台首次上网日期,不代表论文的发表时间)