Abstract
In a distributed network environment, password-authenticated key agreement schemes are fundamental security mechanisms. A security analysis of Chen et al.s scheme [Chen T H, Hsiang H C, Shih W K. Security enhancement on an improvement on two remote user authentication schemes using smart cards. Future Generation Computer Systems, 2011, 27(4): 337-380] was presented. It was found that Chen et al.s scheme cannot resist offline password guessing attacks, and does not have perfect forward secrecy. A security enhanced password-authenticated key agreement scheme was thus proposed. The proposed scheme maintains the good properties of Chen et al.s scheme, is resistant to offline password guessing attack and provides perfect forward secrecy. A security analysis of the proposed scheme demonstrated that it is capable of strong security. It is suitable for providing mutual authentication and key agreement between the user and the server in a distributed environment.
Abstract
In a distributed network environment, password-authenticated key agreement schemes are fundamental security mechanisms. A security analysis of Chen et al.s scheme [Chen T H, Hsiang H C, Shih W K. Security enhancement on an improvement on two remote user authentication schemes using smart cards. Future Generation Computer Systems, 2011, 27(4): 337-380] was presented. It was found that Chen et al.s scheme cannot resist offline password guessing attacks, and does not have perfect forward secrecy. A security enhanced password-authenticated key agreement scheme was thus proposed. The proposed scheme maintains the good properties of Chen et al.s scheme, is resistant to offline password guessing attack and provides perfect forward secrecy. A security analysis of the proposed scheme demonstrated that it is capable of strong security. It is suitable for providing mutual authentication and key agreement between the user and the server in a distributed environment.
Open Access
JUSTC
DownLoad: