Abstract
In 2009, Wang et al. proposed a dynamic ID-based remote user authentication scheme without any verification table which provides user anonymity and resists stolen-verifier and DOS attacks. However, Khan et al. pointed out that Wang et al.'s scheme cannot achieve user anonymity. Further, Khan et al. proposed an improved scheme to overcome the mentioned defect. In this paper, we first demonstrate that Khan et al.'s scheme is vulnerable to stolen-verifier and DOS attacks and propose a new authentication scheme without any verification table. The proposed scheme not only achieves user anonymity but also resists replay, stolen-verifier, and DOS attacks.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
