Cryptanalysis of a mutual authentication scheme based on nonce and smart cards

Da Zhi Sun; Jin Peng Huai; Ji Zhou Sun; Jian Xin Li

doi:10.1016/j.comcom.2008.12.023

Cryptanalysis of a mutual authentication scheme based on nonce and smart cards

Da Zhi Sun^*
, Jin Peng Huai
, Ji Zhou Sun
, Jian Xin Li

^*Corresponding author for this work

School of Computer Science and Engineering

Tianjin University
Beihang University

Research output: Contribution to journal › Article › peer-review

28 Scopus citations

Abstract

To prevent the forged login attacks, Liu et al. recently proposed a new mutual authentication scheme using smart cards. However, we demonstrate that the attacker without any secret information can successfully not only impersonate any user to cheat the server but also impersonate the server to cheat any user. That is, Liu et al.'s scheme fails to defend the forged login attack as the previous version. Our cryptanalysis result is important for security engineers, who are responsible for the design and development of smart card-based user authentication systems.

Original language	English
Pages (from-to)	1015-1017
Number of pages	3
Journal	Computer Communications
Volume	32
Issue number	6
DOIs	https://doi.org/10.1016/j.comcom.2008.12.023
State	Published - 27 Apr 2009

Keywords

Authentication
Forged login attack
Impersonation
Network security
Smart card

Access to Document

10.1016/j.comcom.2008.12.023

Cite this

@article{aab4bb570e7b49ecbb5e2c83b00e8e61,

title = "Cryptanalysis of a mutual authentication scheme based on nonce and smart cards",

abstract = "To prevent the forged login attacks, Liu et al. recently proposed a new mutual authentication scheme using smart cards. However, we demonstrate that the attacker without any secret information can successfully not only impersonate any user to cheat the server but also impersonate the server to cheat any user. That is, Liu et al.'s scheme fails to defend the forged login attack as the previous version. Our cryptanalysis result is important for security engineers, who are responsible for the design and development of smart card-based user authentication systems.",

keywords = "Authentication, Forged login attack, Impersonation, Network security, Smart card",

author = "Sun, \{Da Zhi\} and Huai, \{Jin Peng\} and Sun, \{Ji Zhou\} and Li, \{Jian Xin\}",

year = "2009",

month = apr,

day = "27",

doi = "10.1016/j.comcom.2008.12.023",

language = "英语",

volume = "32",

pages = "1015--1017",

journal = "Computer Communications",

issn = "0140-3664",

publisher = "Elsevier B.V.",

number = "6",

}

TY - JOUR

T1 - Cryptanalysis of a mutual authentication scheme based on nonce and smart cards

AU - Sun, Da Zhi

AU - Huai, Jin Peng

AU - Sun, Ji Zhou

AU - Li, Jian Xin

PY - 2009/4/27

Y1 - 2009/4/27

N2 - To prevent the forged login attacks, Liu et al. recently proposed a new mutual authentication scheme using smart cards. However, we demonstrate that the attacker without any secret information can successfully not only impersonate any user to cheat the server but also impersonate the server to cheat any user. That is, Liu et al.'s scheme fails to defend the forged login attack as the previous version. Our cryptanalysis result is important for security engineers, who are responsible for the design and development of smart card-based user authentication systems.

AB - To prevent the forged login attacks, Liu et al. recently proposed a new mutual authentication scheme using smart cards. However, we demonstrate that the attacker without any secret information can successfully not only impersonate any user to cheat the server but also impersonate the server to cheat any user. That is, Liu et al.'s scheme fails to defend the forged login attack as the previous version. Our cryptanalysis result is important for security engineers, who are responsible for the design and development of smart card-based user authentication systems.

KW - Authentication

KW - Forged login attack

KW - Impersonation

KW - Network security

KW - Smart card

UR - https://www.scopus.com/pages/publications/61849087915

U2 - 10.1016/j.comcom.2008.12.023

DO - 10.1016/j.comcom.2008.12.023

M3 - 文章

AN - SCOPUS:61849087915

SN - 0140-3664

VL - 32

SP - 1015

EP - 1017

JO - Computer Communications

JF - Computer Communications

IS - 6

ER -

Cryptanalysis of a mutual authentication scheme based on nonce and smart cards

Abstract

Keywords

Access to Document

Other files and links

Fingerprint

Cite this