A more efficient and secure dynamic ID-A more efficient and secure dynamic ID-based remote user authentication schemebased remote user authentication scheme

Yan-yan Wang, Jia-yong Liu , Feng-xia Xiao, Jing Dan

in Computer CommunicationsVol. 32, issue4, 4 March 2009, p.p 583-585

1

outlineoutline

• Introduction• Review Das et al ’s scheme• Wang et al ’s scheme• Analysis

2

IntroductionIntroduction

• Remote authentication– a mechanism to authenticate remote users over insecure

communication network

Introduction (Lamport)Introduction (Lamport)

4

)(PWhn

UserUser ServerServer

)(PWhn

)(PWh

stroren

)(PWh in

Registration

Login &

Auth

)(?))(( PWhPWhh nin

IntroductionIntroduction1981: Lamport proposed one-time password remote

authentication scheme

2000: Hwang and Li proposed a new remote user authentication scheme using smart cards (based on Elgamal)

2004: Das et al. proposed a dynamic id-based remote user authentication scheme (based on One-way hash)2005: Liao et al proposed an improved scheme by Das

2007: Liao and Wang’s scheme (verify on smart card)

2009: Wang et al.'s scheme (modify Das’s scheme)

Review of Das et al’s scheme(1/3)Review of Das et al’s scheme(1/3)• Registration phase

pwUserUser

ServerServer

PW)}, (h,yNcard{ Smart i ,

)()( xhPWhNi

Review of Das et al’s scheme(2/3)Review of Das et al’s scheme(2/3)• Login & verify phase

)(

))((

)()(

yBNThC

PWhCIDhB

TyNhPWhCID

iii

ii

ii

UserUser ServerServer

)(?

))((

)()(

&

'

''

'

yBNThC

PWhCIDhB

yTNhCIDPWh

TIDverify

ii

ii

ii

1

TCNCID iii ,,,

Review of Das et al’s scheme(3/3)Review of Das et al’s scheme(3/3)• Password Change phase

newPWPW ,UserUser

Smart cardSmart card

)()( newii PWhPWhNN

8

Security Flaw (1/3)Security Flaw (1/3)• The user’s authentication is independent of password.

)(

))((

)()(

yBNThC

PWhCIDhB

TyNhPWhCID

iii

ii

ii

ServerServer

)(?

))((

)()(

yBNThC

PWhCIDhB

yTNhCIDPWh

Tverify

ii

ii

ii

1

TCNCID iii ,,,

Security Flaw (2/3)Security Flaw (2/3) • In Registration phase, sending of PW to the user is redundant.

pwUserUser

ServerServer

PW)}, (h,yNcard{ Smart i ,

)()( xhPWhNi

Security Flaw (3/3)Security Flaw (3/3)• Impersonate server attack

)(

))((

)()(

yBNThC

PWhCIDhB

TyNhPWhCID

iii

ii

ii

UserUser ServerServer

)(?

))((

)()(

&

'

''

'

yBNThC

PWhCIDhB

yTNhCIDPWh

TIDverify

ii

ii

ii

1

TCNCID iii ,,,

Wang et al’s scheme(1/2)Wang et al’s scheme(1/2)• Registration phase

ID

UserUserServerServer

PW)}, (,card{Smart y,hN i

IDxhPWhNi )()(

12

Wang et al’s scheme(2/2)Wang et al’s scheme(2/2)• Login & verify phase

IDTyNhPWhCID ii )()(

UserUser ServerServer

IDID

PWhxhNID

IDTyNhCIDPWh

T

i

ii

?

)()(

)()(

verify

'

'

TNCIDID ii ,,,

',TaaTyPWhh

Tverify

?))(( '

'

))(( 'TyPWhha

compute

Security analysisSecurity analysis

14

Overcome an user authentication is independent of password:

IDxhPWhN i )()(

Withstand replay attack:

IDTyNhPWhCID ii )()( ))(( 'TyPWhha

Withstand impersonation server attack:

))(( 'TyPWhha ),( 'Ta

When the user wants to change the password PW to new password PW new

without taking any assistance from the remote system.

ConclusionsConclusions

• A remote user authentication method that removes all those security flaws.

• Provide a more secure and efficient scheme to be applied to password authentication.

15

Remark (password guessing & impersonation attack)Remark (password guessing & impersonation attack)

IDNPWhxh i )()(

If a valid user determine the hash of the secret value h(x) by intercepting Ni and obtain the value y, then he can impersonate server/user.

IDTyNhPWhCID ii )()(

UserUser ServerServer

IDID

PWhxhNID

IDTyNhCIDPWh

T

i

ii

?

)()(

)()(

verify

'

'

TNCIDID ii ,,,

',TaaTyPWhh

Tverify

?))(( '

'

))(( 'TyPWhha

compute