Elsevier

Computer Communications

Volume 34, Issue 3, 15 March 2011, Pages 305-309
Cryptanalysis and security enhancement of a ‘more efficient & secure dynamic ID-based remote user authentication scheme’

https://doi.org/10.1016/j.comcom.2010.02.011

Abstract

Remote user authentication is a method in which a remote server verifies the legitimacy of a user over an insecure communication channel. Currently, smart card-based remote user authentication schemes have been widely adopted due to their low computational cost and convenient portability for the authentication purpose. Recently, Wang et al. proposed a dynamic ID-based remote user authentication scheme using smart cards. They claimed that their scheme preserves the anonymity of the user, has the feature of a strong password chosen by the server, and is protected from several attacks. However, in this paper, we point out that Wang et al.’s scheme has practical pitfalls and is not feasible for real-life implementation. We identify that their scheme does not provide anonymity of a user during authentication, gives the user no choice in choosing his password, is vulnerable to insider attack, has no provision for revocation of a lost or stolen smart card, and does not provide session key agreement. To remedy these security flaws, we propose an enhanced authentication scheme, which covers all the identified weaknesses of Wang et al.’s scheme and is more secure and efficient for practical application environments.

Introduction

With the large-scale proliferation of internet and network technologies, smart card-based authentication schemes have been widely deployed to verify the legitimacy of a remote user’s login request. In the remote authentication process, a remote server authenticates a registered user based on his secret credentials. In traditional authentication schemes, the server or system has to store a password table to save the passwords of all the registered users of the system. In 1981, Lamport presented a remote user authentication scheme using password tables [1]. Lamport claimed that his scheme is secure even if an adversary eavesdrops on the communication between a user and the remote system. In 2000, Hwang and Li [2] identified that Lamport’s scheme is susceptible to the risks of hacking and modifying the password table. Thus, Hwang and Li proposed a remote user authentication scheme without using the password table, which was based on the El Gamal public key encryption method [3]. Since then, many remote user authentication schemes have been published in the literature, and each published scheme has its own merits and demerits [4], [5], [6], [7], [8], [9], [10], [11], [12], [13], [14], [15], [16], [17], [18], [19], [20], [21], [22], [23], [24], [25], [26], [27], [28].

A common feature among most of the published schemes is that the user’s identity is static in all the transaction sessions, which may leak some information about that user and can create a risk of ID-theft during message transmission over an insecure channel. To overcome this risk, Das et al. [16] proposed a dynamic ID-based remote user authentication scheme. Their scheme is novel, because a dynamic identity for each transaction session can avoid the risk of ID-theft or impersonation. Their scheme was based on one-way hash functions, and the user can freely choose and change passwords without any hassle. Das et al. claimed that their scheme is secure against replay, forgery, guessing, insider, and stolen verifier attacks. Unfortunately, some researchers later revealed that their scheme is not as secure as they claimed and has some drawbacks.

First, Awasthi [17] identified that Das et al.’s scheme is completely insecure and works like an open channel. Awasthi also concluded that Das et al.’s scheme does not fulfill the basic needs of authentication schemes. Later on, Chien and Chen [23] pointed out that Das et al.’s scheme failed to protect the anonymity of a user and then proposed an improved remote authentication scheme, which preserves user anonymity. Furthermore, Ku and Chang also revealed some more weaknesses of Das et al.’s scheme [18]. Ku and Chang demonstrated that Das et al.’s scheme is susceptible to the impersonation attack, in which an intruder can easily log in to the remote system. Furthermore, Ku and Chang pointed out that Das et al.’s scheme has a risk of insider attack and cannot be easily repaired [18].

Liao et al. [25] also analyzed the security of Das et al.’s scheme and showed that their scheme is vulnerable to guessing attack and does not provide mutual authentication. To overcome the security pitfalls of Das et al.’s scheme, Liao et al. proposed an enhancement to cope with the aforementioned security flaws. However, later on, Misbahuddin and Bindu [26] identified that the security patch of Liao et al. is still not secure and their scheme cannot withstand impersonation attack, reflection attack and is completely insecure as a user can successfully log on to a remote system with a random password.

Afterward, Liao and Wang [27] presented a dynamic ID-based remote user authentication scheme for multi-server environment. Their scheme attempts to preserve user’s anonymity and uses simple hash functions. Liao and Wang claimed that their scheme achieves mutual authentication and provides session key agreement. Later on, Hsiang and Shih [28] identified that Liao and Wang’s scheme is vulnerable to insider’s attack, masquerade attack, server spoofing attack, registration center spoofing attack and is not reparable.

More recently, Wang et al. [19] showed that Das et al.’s scheme is completely insecure for its independence of using passwords, does not provide mutual authentication, and cannot resist fake-server attack. Wang et al. proved that Das et al.’s scheme performs only unilateral authentication (only client authentication) and that the remote user has no information about the authenticity of the remote authentication system; thus Das et al.’s scheme is susceptible to the server spoofing attack. Wang et al. then proposed a dynamic ID-based remote user authentication scheme and claimed that their scheme is more efficient and secure than Das et al.’s scheme.

However, in this paper, we first show that Wang et al.’s scheme suffers from attacks and has some practical security pitfalls. Moreover, we discuss that their scheme has weaknesses and is insecure, inefficient, and infeasible for implementation in a real environment. To overcome the security flaws of Wang et al.’s scheme, we propose an improved dynamic ID-based remote user authentication scheme which provides the missing security provisions that are necessary for a practical and real-life smart card-based authentication scheme.

The rest of the paper is organized as follows: Section 2 briefly reviews Wang et al.’s scheme, Section 3 elaborates on the weaknesses and security pitfalls of their scheme, Section 4 presents our proposed improved scheme, Section 5 discusses the security analysis of our scheme, Section 6 provides the security features of the presented scheme, and finally Section 7 concludes this paper.

Section snippets

Review of Wang et al.’s scheme

In this section, we briefly review Wang et al.’s scheme, which consists of four phases, namely: registration phase, login phase, verification phase, and password-change phase.

A. Registration phase

When a user Ui wants to perform his registration, he sends a request to the remote server with his chosen IDi. The remote server performs the following steps:

  • (i) Computes Ni=h(pwi)h(x)IDi, where x is the secret key of remote server S and pwi is the password for Ui chosen by S.

  • (ii) S personalizes the smart card with parameters {h(.),N

Comments on security pitfalls of Wang et al.’s scheme

  • (i) In Wang et al.’s scheme, the password is chosen by the remote server S without the consent of Ui and he has no choice of choosing his own password, which is not the case in real-life applications, e.g. email subscription and online banking, etc. Secondly, the pwi chosen by the server could be long and random (for example, 1024 or 2048 bits), which might be difficult for a registered user Ui to remember easily and it is most likely that Ui may forget this long and random password if he is not

Proposed authentication scheme

In this section, we propose an efficient and secure dynamic ID-based authentication scheme to overcome the weaknesses of Wang et al.’s scheme. Due to their simplicity, computational efficiency and proven security, we use simple hash functions in our scheme. Our presented scheme consists of five different phases, namely: registration phase, login phase, authentication phase, password-change phase, and revocation of lost or stolen smart card phase. These phases work as follows:

A.

Security analysis and discussion

In this section, we provide an in-depth security analysis and discussion of the proposed scheme against its contemporaries. We prove that the presented scheme can withstand various possible attacks found in the current literature.

Security features and performance analysis of proposed scheme

In this section, we summarize the security features of our proposed scheme and compare its security and robustness with Wang et al.’s scheme [19]. Table 1 demonstrates that our scheme is more secure and robust than Wang et al.’s scheme and achieves more security features, which were not considered in their scheme and are essentially required in implementing a practical and universal remote user authentication scheme using smart cards.

Besides, it can be seen from Table 1 that our scheme needs

Conclusion

In this paper, we have presented cryptanalysis and weaknesses of Wang et al.’s dynamic ID-based remote user authentication scheme. Firstly, we showed that Wang et al.’s scheme is vulnerable to insider attack, does not preserve the anonymity of a user, requires a user to remember a long and random password, has no provision for revocation of a lost or stolen smart card, and has no support for session key agreement during the authentication process. To overcome the identified problems, we have proposed an enhanced smart

References (28)

  • M.S. Hwang et al. A new remote user authentication scheme using smart cards. IEEE Transactions on Consumer Electronics (2000)
  • T. El Gamal. A public-key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory (1985)
  • S.J. Wang et al. Smart card-based secure password authentication scheme. Computers & Security (1996)
  • H.M. Sun. An efficient remote user authentication scheme using smart cards. IEEE Transactions on Consumer Electronics (2000)