Cryptanalysis of a Dynamic ID-Based Remote User Authentication Scheme with Access Control for Multi-Server Environments
Summary :
Recently, Shao et al. [M. Shao and Y. Chin, A privacy-preserving dynamic id-based remote user authentication scheme with access control for multi-server environment, IEICE Transactions on Information and Systems, vol.E95-D, no.1, pp.161–168, 2012] proposed a dynamic ID-based remote user authentication scheme with access control for multi-server environments. They claimed that their scheme could withstand various attacks and provide anonymity. However, in this letter, we will point out that Shao et al.'s scheme has practical pitfalls and is not feasible for real-life implementation. We identify that their scheme is vulnerable to two kinds of attacks and cannot provide anonymity.
- Publication
- IEICE TRANSACTIONS on Information Vol.E96-D No.1 pp.138-140
- Publication Date
- 2013/01/01
- Publicized
- Online ISSN
- 1745-1361
- DOI
- 10.1587/transinf.E96.D.138
- Type of Manuscript
- LETTER
- Category
- Information Network
Authors
Keyword
Latest Issue
Copyrights notice of machine-translated contents
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Cite this
Copy
Debiao HE, Hao HU, "Cryptanalysis of a Dynamic ID-Based Remote User Authentication Scheme with Access Control for Multi-Server Environments" in IEICE TRANSACTIONS on Information,
vol. E96-D, no. 1, pp. 138-140, January 2013, doi: 10.1587/transinf.E96.D.138.
Abstract: Recently, Shao et al. [M. Shao and Y. Chin, A privacy-preserving dynamic id-based remote user authentication scheme with access control for multi-server environment, IEICE Transactions on Information and Systems, vol.E95-D, no.1, pp.161–168, 2012] proposed a dynamic ID-based remote user authentication scheme with access control for multi-server environments. They claimed that their scheme could withstand various attacks and provide anonymity. However, in this letter, we will point out that Shao et al.'s scheme has practical pitfalls and is not feasible for real-life implementation. We identify that their scheme is vulnerable to two kinds of attacks and cannot provide anonymity.
URL: https://global.ieice.org/en_transactions/information/10.1587/transinf.E96.D.138/_p
Copy
@ARTICLE{e96-d_1_138,
author={Debiao HE, Hao HU, },
journal={IEICE TRANSACTIONS on Information},
title={Cryptanalysis of a Dynamic ID-Based Remote User Authentication Scheme with Access Control for Multi-Server Environments},
year={2013},
volume={E96-D},
number={1},
pages={138-140},
abstract={Recently, Shao et al. [M. Shao and Y. Chin, A privacy-preserving dynamic id-based remote user authentication scheme with access control for multi-server environment, IEICE Transactions on Information and Systems, vol.E95-D, no.1, pp.161–168, 2012] proposed a dynamic ID-based remote user authentication scheme with access control for multi-server environments. They claimed that their scheme could withstand various attacks and provide anonymity. However, in this letter, we will point out that Shao et al.'s scheme has practical pitfalls and is not feasible for real-life implementation. We identify that their scheme is vulnerable to two kinds of attacks and cannot provide anonymity.},
keywords={},
doi={10.1587/transinf.E96.D.138},
ISSN={1745-1361},
month={January},}
Copy
TY - JOUR
TI - Cryptanalysis of a Dynamic ID-Based Remote User Authentication Scheme with Access Control for Multi-Server Environments
T2 - IEICE TRANSACTIONS on Information
SP - 138
EP - 140
AU - Debiao HE
AU - Hao HU
PY - 2013
DO - 10.1587/transinf.E96.D.138
JO - IEICE TRANSACTIONS on Information
SN - 1745-1361
VL - E96-D
IS - 1
JA - IEICE TRANSACTIONS on Information
Y1 - January 2013
AB - Recently, Shao et al. [M. Shao and Y. Chin, A privacy-preserving dynamic id-based remote user authentication scheme with access control for multi-server environment, IEICE Transactions on Information and Systems, vol.E95-D, no.1, pp.161–168, 2012] proposed a dynamic ID-based remote user authentication scheme with access control for multi-server environments. They claimed that their scheme could withstand various attacks and provide anonymity. However, in this letter, we will point out that Shao et al.'s scheme has practical pitfalls and is not feasible for real-life implementation. We identify that their scheme is vulnerable to two kinds of attacks and cannot provide anonymity.
ER -
English
