An improvement of Hwang–Lee–Tang's simple remote user authentication scheme
Introduction
User authentication is an important part of security, along with confidentiality and integrity, for systems that allow remote access over untrustworthy networks, like the Internet. As such, a remote password authentication scheme (Lamport, 1981, Chang and Wu, 1991, Wu and Sung, 1996, Jan and Chen, 1998, Tan and Zhu, 1999, Yang and Shieh, 1999, Aoskan et al., 1999) authenticates the legitimacy of users over an insecure channel, where the password is often regarded as a secret shared between the remote system and the user. Based on knowledge of the password, the user can use it to create and send a valid login message to a remote system to gain the right to access. Meanwhile, the remote system also uses the shared password to check the validity of the login message and authenticate the user.
In 1981, Lamport proposed a remote password authentication scheme using a password table to achieve user authentication. However, one of the weaknesses of Lamport's scheme is that a verification table must be stored in the remote system in order to verify the legitimacy of a user. If an intruder can somehow break into the server, the contents of the verification table can be easily modified. Recognizing this problem, many recent password authentication schemes (Chang and Wu, 1991, Wu, 1995, Yang and Shieh, 1999, Hwang and Li, 2000, Sun, 2000, Chien et al., 2002, Hwang et al., 2002, Wu and Chieu, 2003) have proposed solutions using smart cards in which the verification table is no longer required in the remote system. In 2000, Hwang and Li pointed out that Lamport's scheme (Lamport, 1981) suffers from the risk of a modified password table and the cost of protecting and maintaining the password table. Therefore, they proposed a new user authentication scheme using smart cards to eliminate the risk and cost. Hwang and Li's scheme can withstand replay attacks and also authenticate users without maintaining a password table. Later, Sun (2000) proposed an efficient smart card-based user authentication scheme to improve the efficiency of Hwang and Li's scheme (Hwang and Li, 2000), and more recently, Hwang–Lee–Tang (Hwang et al., 2002) proposed a simple remote user authentication scheme that does not require any password or verification tables in the remote system and in which any legal user can choose and change their password freely without the help of a remote system. They claimed that their scheme provides effective authentication and also requires far fewer computations than other schemes (Wu, 1995, Jan and Chen, 1998, Yang and Shieh, 1999, Hwang and Li, 2000, Chien et al., 2002).
However, in their scheme, previously generated user secret hash values are insecure if the secret key of the server is leaked or stolen. Also, when the smart card is stolen, unauthorized users can easily change the password of the smart card. Furthermore, their scheme cannot resist a denial of service attack using a stolen smart card and does not provide mutual authentication. In some situations, mutual authentication is necessary to provide higher security. Accordingly, the current paper demonstrates the vulnerability of Hwang–Lee–Tang's scheme to the above-mentioned attacks and presents an enhancement to resolve such problems. As a result, in the proposed scheme, previously generated secret hash values remain secure even if the secret key of the system is leaked or stolen, and users can update their passwords freely and securely. The proposed scheme also provides mutual authentication and quickly detects when a user inputs a wrong password. In addition, the computational costs of this scheme are less than those of any previously proposed schemes.
The remainder of this paper is organized as follows: the next section briefly reviews Hwang–Lee–Tang's scheme, followed by its weaknesses. The proposed scheme is then presented, while in the following sections the security and efficiency of the proposed scheme are discussed. Some final conclusions are given in the last section.
Section snippets
Hwang–Lee–Tang's scheme
This section briefly reviews Hwang–Lee–Tang's scheme, which consists of registration, login, authentication and password change phases, as explained in the following:
Registration phase: The user chooses a password , and then computes , where is a collision resistant one-way hash function. The user submits their identifier and to the remote system. These private data must be sent in person or over a secure channel. Upon receiving the registration request, the system
Cryptanalysis on Hwang–Lee–Tang's scheme
Hwang–Lee–Tang's scheme has the following security flaws:
1. Suppose an intruder has stolen the remote system's secret key x. It is obvious that he can compute each user's secret hash value as in Hwang–Lee–Tang's scheme. The corrupted key may be changed to stop the intruder's activity by choosing a new and fresh secret key. However, it would be very expensive to re-compute all secret hash values at once and communicate them to the users.
2. When the smart card is stolen, unauthorized users can easily
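The two flaws above in a toy model, as an added example that is not from the paper. The scheme's formulas are not reproduced on this page, so the card value (a user secret masked with h(PW)), the use of SHA-256, all function names and the `change_password_checked` guard are assumptions made for illustration, not the authors' construction.

```python
import hashlib
import hmac

def h(data):
    return hashlib.sha256(data).digest()

def xor(a, b):
    return bytes(p ^ q for p, q in zip(a, b))

def user_secret(user_id, x):
    # Assumed form: a hash of the public identifier and the server key x only.
    return h(user_id.encode() + x)

def register(user_id, password, x):
    # Card value A: the user secret masked with h(PW); the server keeps no table.
    return xor(user_secret(user_id, x), h(password.encode()))

def login(card_a, password, t):
    # The card unmasks A with the typed password and binds it to timestamp t.
    return h(xor(card_a, h(password.encode())) + t)

def verify(user_id, c1, t, x):
    return hmac.compare_digest(c1, h(user_secret(user_id, x) + t))

def change_password(card_a, old_pw, new_pw):
    # Modeled weakness: the card re-masks A without checking old_pw.
    return xor(xor(card_a, h(old_pw.encode())), h(new_pw.encode()))

def change_password_checked(card_a, check, old_pw, new_pw):
    # Hypothetical guard: the card also holds check = h(secret) and refuses a
    # wrong old password. Trade-off: a stolen card then allows offline guessing.
    secret = xor(card_a, h(old_pw.encode()))
    if not hmac.compare_digest(h(secret), check):
        return None  # refused; card left unchanged
    return xor(secret, h(new_pw.encode()))

def demo():
    x, t = b"constructed-server-key", b"constructed-timestamp"  # constructed values
    card = register("alice", "correct horse", x)
    unmasked = xor(card, h(b"correct horse"))
    damaged = change_password(card, "wrong guess", "anything")
    return {
        "login_ok": verify("alice", login(card, "correct horse", t), t, x),
        # Flaw 1: x alone reproduces the secret that the card protects.
        "key_holder_recomputes_secret": user_secret("alice", x) == unmasked,
        # Flaw 2: after an unchecked change, the owner's password no longer works.
        "owner_locked_out": not verify("alice", login(damaged, "correct horse", t), t, x),
        "guard_refused": change_password_checked(card, h(unmasked), "wrong guess", "anything") is None,
    }
```

Timestamp freshness checking is left out of the model; `demo()` returns `True` for all four keys.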
Proposed scheme
This section proposes an enhancement to Hwang–Lee–Tang's scheme that can withstand the security flaws described in previous sections. In addition, the proposed scheme allows users to update their passwords freely and securely without the help of a remote system and provides mutual authentication between the user and a remote system. The security of the proposed scheme is based on a one-way hash function, and the scheme consists of registration, login, authentication and password change phases.
Security analysis
In this section, we examine the security of our proposed scheme:
1. Due to the fact that a one-way hash function is computationally difficult to invert, it is extremely difficult for any attacker to derive the system secret key x from . Even if the smart card of the user is picked up by an attacker, it is still difficult for the attacker to derive x.
2. If an attacker tries to forge a valid parameter , they must have the system secret information , because must be derived from
Comparisons of computation costs
The computation costs of Hwang–Lee–Tang's scheme and the proposed scheme in the registration, login, authentication, and password change phases are summarized in Table 2. Across these phases, Hwang–Lee–Tang's scheme requires a total of 8 hash operations for unilateral authentication, whereas the proposed scheme requires a total of 4 hash operations. For mutual authentication, the proposed scheme requires 6 hash operations. It is obvious that our scheme
Conclusion
In the current paper, an enhancement to Hwang–Lee–Tang's scheme was proposed. The proposed scheme achieves the same advantages as Hwang–Lee–Tang's scheme and also has the following merits:
1. Any legal user can select and change their password freely and securely.
2. The denial of service attack using a stolen smart card is completely solved.
3. Previously generated secret hash values are secure even if the secret key of the system is leaked or stolen.
4. The server spoofing attack is completely solved
Acknowledgements
We would like to thank the anonymous reviewers for their helpful comments. This work was supported by the Brain Korea 21 Project in 2004.
References (13)
- et al. An efficient and practical solution to remote authentication: smart card. Comput Secur (2002)
- et al. A simple remote user authentication. Math Comput Model (2002)
- et al. ‘Paramita wisdom’ password authentication scheme without verification tables. J Syst Softw (1998)
- et al. Remote password authentication scheme based on cross-product. Comput Commun (1999)
- Remote login authentication scheme based on a geometric approach. Comput Commun (1995)
- et al. A user friendly remote authentication scheme with smart cards. Comput Secur (2003)
Eun-Jun Yoon received his BS in the School of Textile and Fashion Technology from the Kyung Il University, South Korea, and his MS in the Computer Engineering from the same University. He is now working toward the PhD degree in the Kyungpook National University. His research interests include cryptography and network security.
Eun-Kyung Ryu received her MS in the Information & Communication Engineering from Keimyong University, South Korea. She is now working toward the PhD degree in the same University. Her research interests include cryptography and network security.
Kee-Young Yoo received his BS degree in education of mathematics from Kyungpook National University in 1976; the MS degree in Computer Engineering from Korea Advanced Institute of Science and Technology in 1978 and the PhD degree in the Computer Science from Rensselaer Polytechnic Institute, New York, U.S.A., in 1992. He is now a Professor at the Department of Computer Engineering, Kyungpook National University. His current research interests are wireless security and cryptography.