Impersonation Attack on a Dynamic ID-Based Remote User Authentication Scheme Using Smart Cards(Fundamental Theories for Communications)

Search this Article

Author(s)

    • KU Wei Chi
    • Department of Computer Science and Information Engineering, Fu Jen Catholic University
    • CHANG Shen Tien
    • Department of Computer Science and Information Engineering, Fu Jen Catholic University

Abstract

Recently, Das et al. proposed a dynamic ID-based verifier-free password authentication scheme using smart cards. To resist the ID-theft attack, the user's login ID is dynamically generated and one-time used. Herein, we demonstrate that Das et al.'s scheme is vulnerable to an impersonation attack, in which the adversary can easily impersonate any user to login the server at any time. Furthermore, we also show several minor weaknesses of Das et al.'s scheme.

Journal

  • IEICE transactions on communications

    IEICE transactions on communications E88-B(5), 2165-2167, 2005-05-01

    The Institute of Electronics, Information and Communication Engineers

Codes

  • NII Article ID (NAID)
    110003222893
  • NII NACSIS-CAT ID (NCID)
    AA10826261
  • Text Lang
    ENG
  • ISSN
    09168516
  • Data Source
    NII-ELS 
Page Top