INFORMATICA

Informatica

0868-49520868-4952

inf14302

10.15388/Informatica.2003.022

Research article

Some Forgery Attacks on a Remote User Authentication Scheme Using Smart Cards

Chang

Chin‐Chen

ccc@cs.ccu.edu.twDepartment of Computer Science and Information Engineering, National Chung Cheng University, 160, Sanhsing, Minhsiung, Chaiyi 621, Taiwan

Hwang

Kuo‐Feng

kfhwang@mail.ntit.edu.twDepartment of Multimedia Desgin, National Taichung Institute of Technology, 129, Sec. 3, Sanming Rd., Taichung 404, Taiwan

01012003

14328929401072001

Smart card has been adopted to various applications. In 2000, Hwang and Li proposed a remote user authentication scheme, which is also using smart card. Nine months later, Chan and Cheng pointed out that there is a weakness in the remote authentication scheme proposed by Hwang and Li. In this paper, we show that Chan and Cheng's attack does not work well because they did not consider the format of user's identity. In addition, we propose several ways to solve the problem of Chan and Cheng's attack.

Keywordscryptographyauthenticationcryptanalysis