Sciweavers

JCIT
2010

Weaknesses of a Secure Dynamic ID Based Remote User Authentication Scheme

13 years 6 months ago
Weaknesses of a Secure Dynamic ID Based Remote User Authentication Scheme
In 2009, Liao and Wang proposed a secure dynamic ID based remote user authentication scheme for multi-server environments. They achieved user anonymity by using secure dynamic IDs instead of static IDs. Recently, Hsiang and Shih proposed an improved scheme to fix the security flaws found in Liao-Wang's scheme. Hsiang and Shih claimed that their scheme maintains the benefits and increases the security of Liao-Wang's scheme, while providing mutual authentication that Liao-Wang's scheme lacks. In this paper, however, it is shown that Hsiang-Shih's scheme cannot withstand user and server impersonation attacks. Their scheme is thus vulnerable to malicious users and insecure for practical applications.
Bae-Ling Chen, Wen-Chung Kuo, Yu-Shuan Chu
Added 19 May 2011
Updated 19 May 2011
Type Journal
Year 2010
Where JCIT
Authors Bae-Ling Chen, Wen-Chung Kuo, Yu-Shuan Chu
Comments (0)