Thirteen security requirements for an ideal password authentication scheme using smart cards are listed and a new smart card based password authentication scheme with identity anonymity is proposed. The new scheme can satisfy all the listed ideal security requirements and has the following merits: ① it can resist all the attacks listed in introduction; ② less storage mem- ory requirement due to no verification table stored in server; ③ low computational cost due to hash functions based operations; ④ even if the smart card is lost, the new system is still secure; ⑤ As user identity is anonymous, this scheme is more practical. The new proposed scheme can be applied in source constraint networks.
展开▼