We propose a user authentication scheme with user anonymity for wireless communications. Previous works have some weaknesses such as (1) user identity can be revealed from the login message, and (2) after a smart card is no longer valid or is expired, users having the expired smart cards can generate valid login messages under the assumption that the server does not maintain the user information. In this letter, we propose a new user authentication scheme for providing user anonymity. In the proposed scheme, the server is capable of detecting forged login messages by users having only expired smart cards and their passwords without storing user information on the server.

To support secure database management, a number of value-added encryption schemes have been studied including order-revealing encryption (ORE) schemes. One of outstanding features of ORE schemes is the efficiency of range queries in an encrypted form. Compared to existing encryption methods, ORE leads to an increase in the length of ciphertexts. To improve the efficiency of ORE schemes in terms of the length of ciphertext, a new ORE scheme with shorter ciphertext has been proposed by Kim. In this paper, we revisit Kim's ORE scheme and show that the length of ciphertexts is not as short as analyzed in their paper. We also introduce a simple modification reducing the memory requirement than existing ORE schemes.