IIUM Repository

A review and cryptanalysis of similar timestamp-based password authentication schemes using smart cards

Pathan, Al-Sakib Khan (2010) A review and cryptanalysis of similar timestamp-based password authentication schemes using smart cards. International Journal of Communication Networks and Information Security, 2 (1). pp. 15-20. ISSN 2073-607X (O), 2076-0930 (P)

[img]
Preview
PDF - Published Version
Download (218kB) | Preview

Abstract

The intent of this paper is to review some timestampbased password authentication schemes using smart cards which have similar working principles. Many of the proposed timestampbased password authentication schemes were subsequently found to be insecure. Here, we investigate three schemes with similar working principles, show that they are vulnerable to tricky forgery attacks, and thus they fail to ensure the level of security that is needed for remote login procedure using smart cards. Though there are numerous works available in this field, to the best of our knowledge this is the first time we have found some critical flaws in these schemes that were not detected previously. Along with the proofs of their flaws and inefficiencies, we note down our solution which could surmount all sorts of known attacks and thus reduces the probability of intelligent forgery attacks. We provide a detailed literature review how the schemes have been developed and modified throughout years. We prove that some of the schemes which so far have been thought to be intractable are still flawed, in spite of their later improvements.

Item Type: Article (Journal)
Additional Information: 6841/802
Uncontrolled Keywords: authentication, cryptanalysis, forgery, attack, secure, smart card
Subjects: T Technology > TK Electrical engineering. Electronics Nuclear engineering > TK7800 Electronics. Computer engineering. Computer hardware. Photoelectronic devices
Kulliyyahs/Centres/Divisions/Institutes (Can select more than one option. Press CONTROL button): Kulliyyah of Information and Communication Technology
Kulliyyah of Information and Communication Technology

Kulliyyah of Information and Communication Technology > Department of Computer Science
Kulliyyah of Information and Communication Technology > Department of Computer Science
Depositing User: Dr. Al-Sakib Khan Pathan
Date Deposited: 05 Aug 2011 09:21
Last Modified: 05 Aug 2011 09:22
URI: http://irep.iium.edu.my/id/eprint/802

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year