Volume 8 Number 11 (Nov. 2013)
Home > Archive > 2013 > Volume 8 Number 11 (Nov. 2013) >
JCP 2013 Vol.8(11): 2838-2843 ISSN: 1796-203X
doi: 10.4304/jcp.8.11.2838-2843

Security Analysis on a Timestamp-based Remote User Authentication Scheme

Zuowen Tan1 and Jianfeng Wang2
1 Department of Computer Science & Technology, School of Information Technology, Jiangxi University of Finance and Economics, Nanchang 330032, Jiangxi Province, P.R. China; Key Laboratory of Mathematics and Interdisciplinary Sciences of Guangdong Higher Education Institutes, Guangzhou University, Guangzhou 510006, P.R.China
2 Heibei Normal University of Science & Technology, Qinhuangdao, China; Information Security Center, Beijing University of Posts and Telecommunication, Beijing, China

Abstract—In recent years, many password-based remote user authentication schemes have been presented. In 2003, Shen et al. proposed a timestamp-based password authentication scheme using smart cards. In their scheme, the server does not need to maintain any verification table and only stores a secret key. However, Awasthi et al. found that Shen et al.’s scheme is vulnerable to impersonation attacks with the stolen card. Awasthi et al. proposed an improved remote user authentication scheme based smart cards. Unfortunately, the improved version is still insecure. We show that Awasthi et al.’s scheme is vulnerable to offline password guessing attacks, password compromise to the server, impersonation attack and important message leakage attacks. In addition, Awasthi et al.’s scheme has poor reparability.

Index Terms—Authentication, Smart Card, Timestamp, Impersonation Attacks, Password Guessing Attacks

[PDF]

Cite: Zuowen Tan and Jianfeng Wang, " Security Analysis on a Timestamp-based Remote User Authentication Scheme," Journal of Computers vol. 8, no. 11, pp. 2838-2843, 2013.

General Information

ISSN: 1796-203X
Frequency: Monthly
Editor-in-Chief: Prof. Liansheng Tan
Executive Editor: Ms. Nina Lee
Abstracting/ Indexing: DBLP, EBSCO,  ProQuest, INSPEC, ULRICH's Periodicals Directory, WorldCat, CNKI,etc
E-mail: jcp@iap.org
  • Sep 13, 2018 News!

    Vol 13, No 10 has been published with online version   [Click]

  • Apr 28, 2019 News!

    Vol 14, No 4 has been published with online version 8 papers are published in this issue after peer review   [Click]

  • Mar 20, 2019 News!

    Vol 14, No 3 has been published with online version   [Click]

  • Feb 22, 2019 News!

    Vol 14, No 2 has been published with online version 8 papers are published in this issue after peer review   [Click]

  • Jan 04, 2019 News!

    Vol 14, No 1 has been published with online version   [Click]

  • Read more>>