The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Recently Lu et al. proposed a modified anonymous two-factor authenticated key exchange protocol to eliminate the security weaknesses of Xie et al.'s scheme. They hence claimed that their scheme is immune to possible well-known attacks. However, we found that Lu et al.'s protocol is still insecure against the outsider attack, user impersonation attack, and off-line password guessing attack. To overcome...
Providing Authentication to any system leads to provide more security to that system. There are many authentication techniques are available, such as textual password, biometric etc. Almost all securities are covered with textual password, still it has some drawbacks. It is not hard for hackers to hack computer system secured with textual password. When user types password, the hacker can trace the...
Online healthcare system provides healthcare services remotely to the patient which include telecare medicine system, patient monitoring system, patient healthcare system etc. Authentication schemes plays a significant and crucial role in providing legitimacy of patient and protection to medical resources/services. New trends in cryptography make the online healthcare services feasible solution to...
Interconnected computer systems and services using networks have improved the dependence on the stored accumulated data. Interconnected systems via network, in turn, could expedite security attacks. Recently, network security and cryptography techniques have evolved, leading to the advancement of biometric-based smart cards technique to implement the security of networks. In this paper, we demonstrated...
Smart card is widely accepted device which is used as a second authenticating factor in remote user authentication schemes. Kim-Chung proposed a remote user authentication scheme and they claimed that their scheme resists various security problems which were present in previous schemes such as offline leakage of password, stolen verifier attack, chances of masquerading the entities of the scheme....
Authentication refers to the process of ensuring confidentiality of data. It basically involves verifying a user's identity for accessing a system or service. There are three ways of authentication-i)using something that a user knows eg password ii)using something that a user has eg smart card or identity card iii)using something that a user is or does for example face, finger print, voice etc. To...
In this paper, we propose a remote password authentication scheme based on 3-D geometry with biometric value of a user. It is simple and practically useful and also a legal user can freely choose and change his password using smart card that contains some information. The security of the system depends on the points on the diagonal of a cuboid in 3D environment. Using biometric value makes the points...
In traditional symmetric authentication schemes for smart card, the smart card sends its card number in plaintext to verify the genuineness of the authentication server (AS), resulting in the leakage of some sensitive information and being attacked. Therefore, in this paper, to prevent the leakage of card number we propose a novel symmetric authentication scheme in which the card number is powered...
In this paper we propose a remote password authentication scheme based on a circle. This scheme is simple and practically feasible in a multi-server environment. In this scheme, we use some simple tangent theorem like secant tangent theorem and a strong one way function to authenticate the user and the server. Furthermore, a legal user can freely choose and change his password using his smart card...
User constrained devices such as smart cards are commonly used in human-protocol interaction. Modelling these devices as part of human-protocol interaction is still an open problem. Examining the interaction of these devices as part of security ceremonies offers greater insight. This paper highlights two such cases: modelling extra channels between humans and devices in the ceremony, and modelling...
One problem with most currently used transaction authentication methods is that they depend on the customer's computer for integrity of the information flow between customer and bank. This allows man-in-the-middle attacks to be conducted using malware for financial fraud. Some banks are implementing new authentication methods that allow customers to verify transactions received by a bank without depending...
At present time the unregistered SIM cards (here unregistered means the SIM cards which are registered with false information provided by dealer) are widely used for committing crimes in the perspective of Bangladesh. Due to the complexity of the present SIM card registration process, the subscribers are reluctant to register themselves. In this paper we propose a cloud based system model which demonstrates...
Smart card is a widely accepted user authentication tool to ensure only authorized access to resources available via open networks. In 2010, Sood et al. and Song independently examined a smart card based authentication scheme proposed by Xu et al. They showed that in Xu et al.'s scheme an internal user of the system could turn hostile to impersonate other users of the system. Sood et al. and Song...
In the present Internet age, one of the main challenging tasks is to provide confidentiality for user's transaction. Various authentication schemes have been proposed to secure the data from unauthorized users. One of the most prominent schemes is password based smart card authentication scheme used to withstand the possible attacks for verification table. However, most of these schemes are vulnerable...
With the popularity of Internet technology, remote user authentication is receiving more and more attention than before. Recently, Awasthi et al. analysed weakness of the timestamp-based authentication scheme proposed by Shen et al. and proposed an improved scheme to prevent its forgery attacks. They claimed that their scheme is secure against forged login attack, provides forward secrecy, and has...
Protocols of user authentication are able to ensure the security of data transmission and users¡¦ communication over insecure networks. Among various authenticated mechanisms run currently, the password-based user authentication, because of its efficiency, is the most widely employed in different areas, such as computer networks, wireless networks, remote login, operation systems, and database management...
User authentication plays an important role to ensure that only authorized users can access resources. Kim et al. proposed a remote user authentication scheme based on the Rabin cryptosystem to resist well-known attack such as offline password guessing attack, unlimited online password guessing attack and server impersonation. In their scheme, a user will be issued a smart card for authentication,...
Authentication and key agreement protocols are foundation for the security of distributed applications. In 2010, Yeh et al. proposed two authenticated key agreement protocols. The second protocol in Yeh et al. features user¡¦s anonymity. However, we found that the second scheme is vulnerable to replay attack, masquerade attack, and off-line password attack. In this paper, we first analyze Yeh et al...
In this paper, we first present the concept of a “fair” password authentication system which means that when a user provides a password that is unable to pass the authentication, the system is capable of taking a step ahead to detect and determine the real cause of the authentication failure, whether it was the user's own problem or that the authentication files had already been tampered with or damaged...
Smart cards have been used in a wide variety of vertical markets delivering security services related to physical access control, user authentication and high value data transactions. However, their adoption in plug-n-play removable data storage markets is generally hindered by their dependence on external smart card reader hardware, their proprietary communication protocol that requires installation...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.