SpringerLink
Log in

Security on “Secure Remote Login Scheme with Password and Smart Card Update Facilities”

  • Conference paper
  • First Online:
Mathematics and Computing (ICMC 2017)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 655))

Included in the following conference series:

Abstract

Several password authentication schemes utilizing smart cards have been proposed in the literature. Recently Kumar et al. proposed a new authentication scheme to access remote server over insecure channels. They also claimed that their scheme is able to resist various attacks. However, in this paper we demonstrate that Kumar et al. scheme is still vulnerable to various malicious attacks and is aslo unable to provide several essential security properties.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
EUR 32.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or Ebook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
EUR 29.95
Price includes VAT (Germany)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
EUR 42.79
Price includes VAT (Germany)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
EUR 53.49
Price includes VAT (Germany)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free ship** worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Lamport, L.: Password authentication with insecure communication. Commun. ACM 24(11), 770–772 (1981)

    Article  MathSciNet  Google Scholar 

  2. Amin, R.: Cryptanalysis and an efficient secure id-based remote user authentication scheme using smart card. IJCA 75, 1149–1157. Citeseer (2013)

    Google Scholar 

  3. Amin, R., Biswas, G.P.: Anonymity preserving secure hash function based authentication scheme for consumer USB mass storage device. In: IEEE 2015 Third International Conference on Computer, Communication, Control and Information Technology (C3IT), pp. 1–6 (2015)

    Google Scholar 

  4. Amin, R., Biswas, G.P.: Design and analysis of bilinear pairing based mutual authentication and key agreement protocol usable in multi-server environment. Wirel. Pers. Commun. 84, 439–462 (2015)

    Article  Google Scholar 

  5. Amin, R., Biswas, G.P.: A novel user authentication and key agreement protocol for accessing multi-medical server usable in TMIS. J. Med. Syst. 39(3), 1–17 (2015)

    Article  Google Scholar 

  6. Amin, R., Biswas, G.P.: Remote access control mechanism using rabin public key cryptosystem. In: Mandal, J., Satapathy, S., Kumar Sanyal, M., Sarkar, P., Mukhopadhyay, A. (eds.) Information Systems Design and Intelligent Applications, pp. 525–533. Springer, Heidelberg (2015)

    Google Scholar 

  7. Amin, R., Maitra, T., Rana, S.P.: An improvement of wang. et. al’.s remote user authentication scheme against smart card security breach. Int. J. Comput. Appl. 75(13), 37–42 (2013)

    Google Scholar 

  8. Giri, D., Maitra, T., Amin, R., Srivastava, P.: An efficient and robust rsa-based remote user authentication for telecare medical information systems. J. Med. Syst. 39(1), 1–9 (2015)

    Article  Google Scholar 

  9. He, D., Kumar, N., Chilamkurti, N.: A secure temporal-credential-based mutual authentication and key agreement scheme with pseudo identity for wireless sensor networks. Inf. Sci. 321, 263–277 (2015)

    Article  Google Scholar 

  10. He, D., Kumar, N., Chilamkurti, N., Lee, J.H.: Lightweight ECC based RFID authentication integrated with an ID verifier transfer protocol. J. Med. Syst. 38(10), 1–16 (2014)

    Article  Google Scholar 

  11. Islam, S.H.: A provably secure ID-based mutual authentication and key agreement scheme for mobile multi-server environment without ESL attack. Wirel. Pers. Commun. 79(3), 1975–1991 (2014)

    Article  Google Scholar 

  12. Islam, S.H.: Design and analysis of a three party password-based authenticated key exchange protocol using extended chaotic maps. Inf. Sci. 312, 104–130 (2015)

    Article  MathSciNet  Google Scholar 

  13. Islam, S., Biswas, G.P., Choo, K.K.R.: Cryptanalysis of an improved smartcard-based remote password authentication scheme. Inf. Sci. Lett. 3(1), 35–40 (2014)

    Article  Google Scholar 

  14. Islam, S., Khan, M.K., Obaidat, M., Muhaya, F.: Provably secure and anonymous password authentication protocol for roaming service in global mobility networks using extended chaotic maps. Wirel. Pers. Commun. 84, 2013–2034 (2015)

    Article  Google Scholar 

  15. Kumari, S., Khan, M.K.: Cryptanalysis and improvement of a robust smart-card-based remote user password authentication scheme. Int. J. Commun. Syst. 27, 3939–3955 (2013). doi:10.1002/dac.2590

    Article  Google Scholar 

  16. Hsieh, W.B., Leu, J.S.: Exploiting hash functions to intensify the remote user authentication scheme. Comput. Secur. 31(6), 791–798 (2012)

    Article  Google Scholar 

  17. Kumari, S., Khan, M.K., Li, X.: An improved remote user authentication scheme with key agreement. Comput. Electr. Eng. 40(6), 1997–2012 (2014)

    Article  Google Scholar 

  18. Ku, W.C., Chen, S.M.: Weakness and improvement of an efficient password based remote user authentication scheme using smart cards. IEEE Trans. Consum. Electron. 50(1), 204–207 (2004)

    Article  Google Scholar 

  19. Karuppiah, M., Saravanan, R.: A secure remote user mutual authentication scheme using smart cards. J. Inf. Secur. Appl. 19(4–5), 282–294 (2014). doi:10.1016/j.jisa.2014.09.006

    Google Scholar 

  20. Ramasamy, R., Muniyandi, A.P.: New remote mutual authentication scheme using smart cards. Trans. Data Priv. 2(2), 141–152 (2009)

    MathSciNet  Google Scholar 

  21. Wang, X.M., Zhang, W.F., Zhang, J.S., Khan, M.K.: Cryptanalysis and improvement on two efficient remote user authentication scheme using smart cards. Comput. Stan. Interfaces 29(5), 507–512 (2007)

    Article  Google Scholar 

  22. Yoon, E.J., Ryu, E.K., Yoo, K.Y.: Further improvement of an efficient password based remote user authentication scheme using smart cards. IEEE Trans. Consum. Electron. 50(2), 612–614 (2004)

    Article  Google Scholar 

  23. Wang, D., Ma, C.G., Zhang, Q.M., Zhao, S.: Secure password-based remote user authentication scheme against smart card security breach. J. Netw. 8(1), 148–155 (2013)

    Google Scholar 

  24. Yang, G., Wong, D.S., Wang, H., Deng, X.: Two-factor mutual authentication based on smart cards and passwords. J. Comput. Syst. Sci. 74(7), 1160–1172 (2008)

    Article  MathSciNet  MATH  Google Scholar 

  25. Kumar, R., Amin, R., Karati, A., Biswas, G.P.: Secure remote login scheme with password and smart card update facilities. In: Das, S., Pal, T., Kar, S., Satapathy, S., Mandal, J. (eds.) Proceedings of the 4th International Conference on Frontiers in Intelligent Computing: Theory and Applications (FICTA). Advances in Intelligent Systems and Computing (AISC), vol. 404, pp. 495–505. Springer, Heidelberg (2015). doi:10.1007/978-81-322-2695-6-41

    Google Scholar 

  26. Karuppiah, M., Saravanan, R.: A secure authentication scheme with user anonymity for roaming service in global mobility networks. Wirel. Pers. Commun. 84(3), 2055–2078 (2015)

    Article  Google Scholar 

  27. Karuppiah, M., Saravanan, R.: Cryptanalysis and an Improvement of New Remote Mutual Authentication Scheme using Smart Cards. Journal of Discrete Mathematical Sciences and Cryptography 18(5), 623–649 (2015)

    Article  MathSciNet  Google Scholar 

  28. Wu, F., Xu, L., Kumari, S., Li, X., Das, A.K., Khan, M.K., Karuppiah, M., Baliyan, R.: A novel and provably secure authentication and key agreement scheme with user anonymity for global mobility networks. Netw. Secur. Commun. 9, 3527–3542 (2016). doi:10.1002/sec.1558

    Article  Google Scholar 

  29. Kumari, S., Karuppiah, M., Li, X., Wu, F., Das, A.K., Odelu, V.: A Secure Trust-Extended Authentication Mechanism for VANETs. Security and Communication Network (2016)

    Google Scholar 

  30. Karuppiah, M., Kumari, S., Das, A.K., Li, X., Wu, F., Basu, S.A.: A secure lightweight authentication scheme with user anonymity for roaming service in ubiquitous networks. Secur. Commun. Netw. 9, 4192–4209 (2016)

    Article  Google Scholar 

  31. Karuppiah, M.: Remote user authentication scheme using smart card: a review. Int. J. Internet Protoc. Technol. 9, 107–120 (2016)

    Article  Google Scholar 

  32. Xu, J., Zhu, W.T., Feng, D.G.: An improved smart card based password authentication scheme with provable security. Comput. Stand. Interfaces 31(4), 723–728 (2009)

    Article  Google Scholar 

  33. Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) Advances in Cryptology – CRYPTO’ 99. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999). doi:10.1007/3-540-48405-1_25

    Chapter  Google Scholar 

  34. Messerges, T.S., Dabbish, E.A., Sloan, R.H.: Examining smart-card security under the threat of power analysis attacks. IEEE Trans. Comput. 51(5), 541–552 (2002)

    Article  MathSciNet  Google Scholar 

  35. Ma, C.G., Wang, D., Zhao, S.D.: Security flaws in two improved remote user authentication schemes using smart cards. Int. J. Commun. Syst. 27, 2215–2227 (2012). doi:10.1002/dac.2468

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Computer Science and Engineering, VIT University, Vellore, 632014, Tamilnadu, India

    Marimuthu Karuppiah & S. Rajkumar

  2. School of Information Technology and Engineering, VIT University, Vellore, 632014, Tamilnadu, India

    Akshat Pradhan

  3. Department of Mathematics, CCS University, Meerut, 632014, India

    Saru Kumari

  4. Department of Computing Science and Engineering, Thapar University, Patiala, 632014, Punjab, India

    Ruhul Amin

  5. SSV Degree College, Hapur, 245101, Ghaziabad, India

    Rahul Kumar

Authors
  1. Marimuthu Karuppiah
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Akshat Pradhan
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Saru Kumari
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Ruhul Amin
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. S. Rajkumar
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Rahul Kumar
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Marimuthu Karuppiah .

Editor information

Editors and Affiliations

  1. Haldia Institute of Technology, Haldia, India

    Debasis Giri

  2. University of Central Florida, Orlando, Florida, USA

    Ram N. Mohapatra

  3. Freie Universität Berlin, Berlin, Germany

    Heinrich Begehr

  4. Fordham University, Bronx, New York, USA

    Mohammad S. Obaidat

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Karuppiah, M., Pradhan, A., Kumari, S., Amin, R., Rajkumar, S., Kumar, R. (2017). Security on “Secure Remote Login Scheme with Password and Smart Card Update Facilities”. In: Giri, D., Mohapatra, R., Begehr, H., Obaidat, M. (eds) Mathematics and Computing. ICMC 2017. Communications in Computer and Information Science, vol 655. Springer, Singapore. https://doi.org/10.1007/978-981-10-4642-1_3

Download citation

  • DOI: https://doi.org/10.1007/978-981-10-4642-1_3

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-10-4641-4

  • Online ISBN: 978-981-10-4642-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation