Abstract
The services of the internet play an essential part in the daily life of the users. So, safety and confidentiality of the information are to be maintained to preserve user conviction in various services offered by network. The two-factor-based password verification techniques are used between remote server and legitimate users for verification over insecure channel. Several protocols have been suggested previously claiming their simplicity, privacy, safety, and robustness. The authors proved that their enhanced protocols are vulnerable to different attacks on the network and permit only authenticated users to update their password preserving traceability and identity. Analysis shows that no scheme has fulfilled all the security requirements and achieved entire goals. Therefore, in this article, a scheme has been presented to overcome these issues in the previous schemes to resist illegal access leading to misuse and achieve all the security requirements and goals. The safety analysis of the presented scheme has confirmed its performance in terms of reliability and safety.
Highlights
As time grows day by day, dependency of user in various technology increases which constituted a challenge regarding validity of the remote user
The two-factor-based password verification techniques are used between remote server and legitimate users for verification over insecure channel
The authors proved that their enhanced protocols are vulnerable to different attacks on the network and permit only authenticated users to update their password preserving traceability and identity
Summary
As time grows day by day, dependency of user in various technology increases which constituted a challenge regarding validity of the remote user. In the registration or authentication stage, initial validity is checked by smart card transmits user’s information towards server for more verification. Login Stage For obtaining services from si, user must login into the server by inserting its personal chip card into terminal input its own idi as well as pwdi. Verification Stage After receiving login request message {cidi, Bi’, Ji, Ki, t1, Ii} from ui, server authenticates user and after proper mutual authentication, session key will be established as follows: Step 1: Server acquires current time-stamp t2 justify whether t1 is authentic means t2-t1≤ ∆t. Step 1: Chip card computes the value of α= Ei⊕h(idiǁpwdi), mpwdi= h(αǁpwdi), h(h(idi)ǁx1)= Fi⊕mpwdi⊕α, βi= Ci⊕h(idiǁx1)⊕mpwdi test this equation Ai?= h(idiǁβiǁmpwdi) is correct or not. The modified password has changed successfully and this phase is terminated
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: International Journal of Digital Crime and Forensics
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
