Cryptanalysis and an Improvement of New Remote Mutual Authentication Scheme using Smart Cards

Abstract

In this paper, the security of a remote user mutual authentication scheme using smart cards proposed by Rajaram et al., [Rajaram R, Amutha Prabakar M, New Remote Mutual Authentication Scheme using Smart Cards, Transactions on Data Privacy, 2(2009): 141--152] is analysed. We show that Rajaram et al., scheme is still vulnerable to user impersonation attacks, off-line password guessing attacks and time synchronization problem. Moreover, the scheme does not provide an option to change or update the password and efficient login, and lacks proper mutual authentication. We also propose a password-based remote user mutual authentication scheme which provides the remedy for the vulnerabilities of Rajaram et al., scheme. Furthermore, performance analysis shows that compared with Rajaram et al., authentication scheme, our proposed scheme is simple and secure.