Cryptanalysis and Improvement of Remote User Authentication Scheme Using Smart Card

Abstract

In a distributed environment, one of the major concerns is authentication of remote users. In this sector, legitimate users are more powerful attackers. The remote systems working with password and smart card ensures authorised access. Smart card based remote user authentication schemes have been adopted due to their low computation cost and portability. In 2012, Wen and Li proposed an improved dynamic ID based remote user authentication with key agreement scheme. They stated that their scheme provides protection against impersonation attack and preserves secret information. In this paper, we unveil the drawbacks of Wen and Li's scheme. Also we show that their scheme does not detect wrong password quickly, making it vulnerable to insider and smart card stolen attack. Further the scheme provides no protection for forward secrecy. To solve these security weaknesses, we propose a robust authentication scheme which overcomes all the pointed flaws, by keeping eminence of Wen and Li's scheme. � 2016 IEEE.