In 2004, Das, Saxena and Gulati proposed a dynamic ID-based remote user authentication scheme which has many advantage such as no verifier table, user freedom to choose and change password and so on. However the subsequent papers have shown that this scheme is completely insecure and vulnerable to many attacks. Since then many schemes with improvements to Das et al's scheme has been proposed but each has its pros and cons. Recently Yan-yan Wang et al. have proposed a scheme to overcome security weaknesses of Das et al.'s scheme. However this scheme too is vulnerable to various security attacks such as password guessing attack, masquerading attack, denial of service attack. KEYWORDS Password, Authentication, Smartcard, Remote User, Masquerade Attack
Mohammed Aijaz Ahmed, D. Rajya Lakshmi, Sayed Abdu