Authors : Jaewook Jung, Younsung Choi, Youngsook Lee and Dongho Won
Abstract: Remote user authentication schemes universally utilize to communicate between authorized users and remote servers through an unsafe network. By the benefit of its simplicity and convenience, this method is commonly employed in many conditions such as sensor networks or remote host login systems. In recent years, a few schemes taking advantages of smart cards for remote user authentication have been proposed. Lately, proposed a timestamp-based user authentication scheme by smart cards. They insisted that their scheme could withstand password guessing attack on off-line. However, there are some weaknesses in scheme. First of all, their scheme could not prevent off-line guessing password attack, impersonation attack, stolen verifier attack and privileged insider attack. Also, their scheme could not notice the wrong passwords in login phase and make it unshielded to change the user’s passwords in changing password phase. Moreover, their scheme could not able to guarantee the user’s anonymity. In this study, we propose a modified timestamp-based user authentication scheme to resolve the aforementioned vulnerabilities. Our proposed scheme is based on the RSA cryptosystem and our analysis demonstrates that this scheme ensures the safety and is more efficient than the previous schemes.
Jaewook Jung, Younsung Choi, Youngsook Lee and Dongho Won, 2019. Cryptanalysis and Improvements of a Timestamp-Based User Authentication Scheme for Wireless Communications. Journal of Engineering and Applied Sciences, 14: 8016-8025.