A lightweight authentication scheme with user untraceability

Kuo Hui Yeh*

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

11 Scopus citations

Abstract

With the rapid growth of electronic commerce and associated demands on variants of Internet based applications, application systems providing network resources and business services are in high demand around the world. To guarantee robust security and computational efficiency for service retrieval, a variety of authentication schemes have been proposed. However, most of these schemes have been found to be lacking when subject to a formal security analysis. Recently, Chang et al. (2014) introduced a formally provable secure authentication protocol with the property of user-untraceability. Unfortunately, based on our analysis, the proposed scheme fails to provide the property of user-untraceability as claimed, and is insecure against user impersonation attack, server counterfeit attack, and man-in-the-middle attack. In this paper, we demonstrate the details of these malicious attacks. A security enhanced authentication scheme is proposed to eliminate all identified weaknesses.

Original languageEnglish
Pages (from-to)259-271
Number of pages13
JournalFrontiers of Information Technology and Electronic Engineering
Volume16
Issue number4
DOIs
StatePublished - 21 Apr 2015

Keywords

  • Authentication
  • Privacy
  • Security
  • Smart card
  • Untraceability

Fingerprint

Dive into the research topics of 'A lightweight authentication scheme with user untraceability'. Together they form a unique fingerprint.

Cite this