A lightweight authentication scheme with user untraceability

2015, Volume 16, Issue 4

Abstract

Keywords

Related Research

Frontiers of Information Technology & Electronic Engineering >> 2015, Volume 16, Issue 4 doi: 10.1631/FITEE.1400232

A lightweight authentication scheme with user untraceability

Department of Information Management, National Dong Hwa University, Taiwan 974, Hualien

Available online: 2015-04-14

HTML22 PDF 4 Collect 0

Next Previous

Abstract

With the rapid growth of electronic commerce and associated demands on variants of Internet based applications, application systems providing network resources and business services are in high demand around the world. To guarantee robust security and computational efficiency for service retrieval, a variety of authentication schemes have been proposed. However, most of these schemes have been found to be lacking when subject to a formal security analysis. Recently, Chang (2014) introduced a formally provable secure authentication protocol with the property of user-untraceability. Unfortunately, based on our analysis, the proposed scheme fails to provide the property of user-untraceability as claimed, and is insecure against user impersonation attack, server counterfeit attack, and man-in-the-middle attack. In this paper, we demonstrate the details of these malicious attacks. A security enhanced authentication scheme is proposed to eliminate all identified weaknesses.

Keywords

Authentication ; Privacy ; Security ; Smart card ; Untraceability

Related Research