Abstract
User’s password with smart card based authentication protocol is needed to access resources securely from remote server. In 2014, Huang et al. proposed a timestamp-based authentication protocol and they claimed that their scheme is secure against all possible attacks. In this paper, we have pointed out that Huang et al.’s scheme is insecure against off-line password guessing attack, insider attack and forgery attack. Beside these, inefficient password update phase can lead to denial of service. To remove these security loopholes, we have proposed an efficient RSA-cryptosystem based remote user authentication scheme using smart card. Security (formal and informal) analysis shows that the proposed scheme provides better security tradeoff than Huang et al.’s scheme. Further, we have simulated our proposed scheme for the formal security verification using Automated Validation of Internet Security Protocols and Applications tool to confirm that the proposed scheme is secure against passive and active attacks. Performance analysis shows that the proposed scheme provides lower computational and communication cost than Huang et al.’s scheme as well as other related competitive existing schemes.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
