首页> 外文OA文献 >Cryptanalysis of Three Password-Based Remote User Authentication Schemes with Non-Tamper-Resistant Smart Card

【2h】

Cryptanalysis of Three Password-Based Remote User Authentication Schemes with Non-Tamper-Resistant Smart Card

机译：具有非防篡改智能卡的三个基于密码的远程用户身份验证方案的密码分析

代理获取

本网站仅为用户提供外文OA文献查询和代理获取服务，本网站没有原文。下单后我们将采用程序或人工为您竭诚获取高质量的原文，但由于OA文献来源多样且变更频繁，仍可能出现获取不到、文献不完整或与标题不符等情况，如果获取不到我们将提供退款服务。请知悉。

页面导航

摘要
著录项
引文网络
相似文献
相关主题

摘要

Remote user authentication is the first step to guarantee the security of online services. Online services grow rapidly and numerous remote user authentication schemes were proposed with high capability and efficiency. Recently, there are three new improved remote user authentication schemes which claim to be resistant to various attacks. Unfortunately, according to our analysis, these schemes all fail to achieve some critical security goals. This paper demonstrates that they all suffer from offline dictionary attack or fail to achieve forward secrecy and user anonymity. It is worth mentioning that we divide offline dictionary attacks into two categories: (1) the ones using the verification from smart cards and (2) the ones using the verification from the open channel. The second is more complicated and intractable than the first type. Such distinction benefits the exploration of better design principles. We also discuss some practical solutions to the two kinds of attacks, respectively. Furthermore, we proposed a reference model to deal with the first kind of attack and proved its effectiveness by taking one of our cryptanalysis schemes as an example.

机译：远程用户身份验证是保证在线服务安全的第一步。在线服务迅速增长，并且提出了具有高能力和效率的许多远程用户身份验证方案。最近，有三种新的改进的远程用户认证方案，其声称对各种攻击抵抗。不幸的是，根据我们的分析，这些计划都没有实现一些关键的安全目标。本文展示了它们都遭受了离线词典攻击，或者未能实现前向保密和用户匿名性。值得一提的是，我们将离线词典攻击分为两类：（1）使用智能卡和（2）使用从开放通道的验证的验证。第二个是比第一种类型更复杂和棘手的。这种区别有利于探索更好的设计原则。我们还分别讨论了两种攻击的一些实际解决方案。此外，我们提出了一个参考模型来处理第一种攻击，并通过考虑一个密码分析计划作为示例来证明其有效性。

著录项

作者
Chenyu Wang; Guoai Xu;
展开▼
作者单位

展开▼
年度 2017
总页数
原文格式 PDF
正文语种 eng
中图分类

相似文献

外文文献
中文文献
专利

1. Cryptanalysis and Improvement of a Password-Based Remote User Authentication Scheme without Smart Cards [J] . He Debiao, Wang Ding, Wu Shuhua Engineering Economics . 2013,第2期

机译：没有智能卡的基于密码的远程用户身份验证方案的密码分析和改进
2. A Secure and Robust Password-Based Remote User Authentication Scheme Using Smart Cards for the Integrated EPR Information System [J] . Das Ashok Kumar Journal of medical systems . 2015,第3期

机译：使用智能卡的集成式EPR信息系统基于密码的安全，可靠的远程用户身份验证方案
3. Attacks on He et al.'s password-based remote user authentication scheme without smart cards [J] . International journal of mathematical analysis . 2014,第49期

机译：攻击He等基于密码的远程用户身份验证方案而无需使用智能卡
4. Secure Password-Based Remote User Authentication Scheme with Non-tamper Resistant Smart Cards [C] . Ding Wang, Chun-guang Ma, Peng Wu Annual IFIP WG 11.3 conference on data and applications security and privacy . 2012

机译：具有防篡改智能卡的基于密码的安全远程用户身份验证方案
5. Understanding Smartphone Authentication: A Qualitative and Quantitative Study about User Perception of Security and Authentication on Smartphones [D] . Soler, Xavier Rosado. 2017

机译：了解智能手机认证：对智能手机安全性和认证的用户看法的定性和定量研究
6. Security Analysis and Enhancements of an Effective Biometric-Based Remote User Authentication Scheme Using Smart Cards [O] . Younghwa An 2012

机译：使用智能卡的基于生物特征的有效远程用户身份验证方案的安全性分析和增强
7. Secure Password-Based Remote User Authentication Scheme with Non-tamper Resistant Smart Cards [O] . Wang, Ding, Ma, Chun-guang, Wu, Peng 2012

机译：具有防篡改智能卡的基于安全密码的远程用户身份验证方案
8. Common Criteria Evaluation and Validation Scheme Validation Report: Smart Card Security User Group (SCSUG) Smart Card Protection Profile (SCPP), Version 3.0. [R] . 2001

机译：通用标准评估和验证方案验证报告：智能卡安全用户组（sCsUG）智能卡保护配置文件（sCpp），版本3.0。

Cryptanalysis of Three Password-Based Remote User Authentication Schemes with Non-Tamper-Resistant Smart Card

摘要

著录项

引文网络

相似文献

相关主题

期刊订阅