Security Vulnerabilities of User Authentication Scheme Using Smart Card

Abstract : With the exponential growth of Internet users, various business transactions take place over an insecure channel. To secure these transactions, authentication is the primary step that needs to be passed. To overcome the problems associated with traditional password based authentication methods, smart card authentication schemes have been widely used. However, most of these schemes are vulnerable to one or the other possible attack. Recently, Yang, Jiang and Yang proposed RSA based smart card authentication scheme. They claimed that their scheme provides security against replay attack, password guessing attack, insider attack and impersonation attack. This paper demonstrates that Yang et al.’s scheme is vulnerable to impersonation attack and fails to provide essential features to satisfy the needs of a user. Further, comparative study of existing schemes is also presented on the basis of various security features provided and vulnerabilities present in these schemes.
Type de document :
Communication dans un congrès
Nora Cuppens-Boulahia; Frédéric Cuppens; Joaquin Garcia-Alfaro. 26th Conference on Data and Applications Security and Privacy (DBSec), Jul 2012, Paris, France. Springer, Lecture Notes in Computer Science, LNCS-7371, pp.106-113, 2012, Data and Applications Security and Privacy XXVI. 〈10.1007/978-3-642-31540-4_8〉
Liste complète des métadonnées

https://hal.inria.fr/hal-01534770
Contributeur : Hal Ifip <>
Soumis le : jeudi 8 juin 2017 - 11:06:35
Dernière modification le : jeudi 8 juin 2017 - 11:09:27
Document(s) archivé(s) le : samedi 9 septembre 2017 - 12:39:32

Fichier

978-3-642-31540-4_8_Chapter.pd...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Ravi Pippal, Jaidhar C.D., Shashikala Tapaswi. Security Vulnerabilities of User Authentication Scheme Using Smart Card. Nora Cuppens-Boulahia; Frédéric Cuppens; Joaquin Garcia-Alfaro. 26th Conference on Data and Applications Security and Privacy (DBSec), Jul 2012, Paris, France. Springer, Lecture Notes in Computer Science, LNCS-7371, pp.106-113, 2012, Data and Applications Security and Privacy XXVI. 〈10.1007/978-3-642-31540-4_8〉. 〈hal-01534770〉

Partager

Métriques

Consultations de la notice

91

Téléchargements de fichiers

114