Paper 2014/115

Comments on a novel user authentication and key agreement scheme

Jia-Lun Tsai

Abstract

In 2013, Sun et al. showed that the related works' authentication schemes proposed by [2-7] are vulnerable to an insider attack and fail to provide mutual authentication. These two attacks can be successfully plotted by an adversary, since the private key of the server can compute all the legal users’ private keys. They then proposed a new remote user authentication and key agreement scheme for the mobile client-server environment. However, we find that their scheme is still vulnerable to insider attack (Sun et al.) and how to avoid such an insider attack on the client-server environment is still an open problem.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Preprint. MAJOR revision.
Keywords
user authenticationkey agreementclient-server environmentinsider attackmutual authentication
Contact author(s)
crousekimo @ yahoo com tw
History
2014-02-16: received
Short URL
https://ia.cr/2014/115
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2014/115,
      author = {Jia-Lun Tsai},
      title = {Comments on a novel user authentication and key agreement scheme},
      howpublished = {Cryptology ePrint Archive, Paper 2014/115},
      year = {2014},
      note = {\url{https://eprint.iacr.org/2014/115}},
      url = {https://eprint.iacr.org/2014/115}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.