Weakness Cryptanalysis of Liao's Scheme and Improved Remote User Authentication Scheme for Mobile Device

Abstract

Liao et al.’s has recently announced the suitable authentication scheme for mobile device environment, which can authenticate remote users by using QR code. However, Liao et al.'s scheme cannot satisfy several important security requirements. The biggest drawback of Liao et al.'s scheme is that it is not able to satisfy the mutual authentication between remote users and SP since it is vulnerable to eavesdropping, man-in-the-middle, theft and loss of mobile devices and forgery attack. This paper aims to analyze the problems of Liao, et al., scheme and propose a safe authentication scheme using password based QR code that has fixed the aforementioned vulnerabilities.