Security analysis of a Novel Remote User Authentication Scheme

2019 jecet  
A novel remote user authentication scheme using smart card based on ECDLP is presented by Jena et al. The authors claimed that the presented remote user authentication scheme is secure against all security threats. This paper proves that the proposed scheme is vulnerable to serious security threats and also proves that does not satisfy the attributes of an ideal password authentication scheme. Date of publication on line 28.03.2017  It is clear that authentication server and the remote user do
more » ... not authenticate each other's before communicating.  The remote user's login ID is not dynamically changed for each login session. This is necessary to avoid partial information leakage about the user's login message.  The more important point is that authentication server is not forward protected. The proposed scheme is totally insecure if the secret key of the server is leaked out or stolen. CONCLUSION
doi:10.24214/jecet.c.8.3.15964 fatcat:drw5mt45mffaljqurtwlcuf66m