CRYPTANALYSIS AND ENHANCEMENT OF PASSWORD AUTHENTICATION SCHEME FOR SMART CARD

CRYPTANALYSIS AND ENHANCEMENT OF PASSWORD AUTHENTICATION SCHEME FOR SMART CARD

Raphael Nyirongo1 , Solomon Kuonga1 , Patrick Ali1 , Levis Eneya1 and Hyunsung Kim1,2 1Mathematical Sciences Department, University of Malawi, Chancellor College, Zomba, Malawi 2 (Corresponding Author) Department of Cyber Security, Kyungil University, Kyungbuk, Korea

ABSTRACT 

Password authentication with smart card is one of the simplest and efficient authentication mechanisms to ensure secure communication over insecure network environments. Recently, Tsai et al. proposed an improved password authentication scheme for smart card. Their scheme is more secure than the other previous schemes. In this paper, we show Tsai et al.’s scheme is vulnerable to password guessing attack and has computational overhead. Furthermore, we propose an enhanced password authentication scheme to eliminate the security vulnerability and enhance the overhead. By presenting concrete analysis of security and performance, we show that the proposed scheme cannot only resist various well known attacks, but also is more efficient than the other related works, and thus is feasible for practical applications.

 KEYWORDS 

Information Security, User Authentication, Password Authentication, Smart Card, Timestamp  

Comments

Post a Comment

Popular posts from this blog

Implementation of a New Methodology to Reduce the Effects of Changes of Illumination in Face Recognition-based Authentication Andres

Image
Implementation of a New Methodology to Reduce the Effects of Changes of Illumination in Face Recognition-based Authentication Andres  Alarcon-Ramirez, and Mohamed F. Chouikha  Department of Electrical Engineering, Howard University, Washington DC ABSTRACT   In this paper, the study of the effects of illumination changes in the process of face recognition is discussed. Additionally, a new methodology that integrates Single-Scale Retinex (SSR) and Scale Invariant Feature Transform (SIFT) is presented. The proposed methodology addresses the problem of illumination changes in face recognition-based authentication systems. To do this, the SSR transform eliminates the component of luminance from the face image and recovers the reflectance component which is invariant to illumination changes; then, the SIFT transform detects interest points from the reflectance component of the face image. The interest points are features rich in information and may be used to ...
Read more

A DEFENSE MECHANISM FOR CREDIT CARD FRAUD DETECTION

Image
A DEFENSE MECHANISM FOR CREDIT CARD FRAUD DETECTION   M.Sasirekha , Sumaiya Thaseen   and Saira Banu School of Computing Science and Engineering, VIT University, Tamil Nadu, India. ABSTRACT Computer security is one of the key areas where lot of research is being done. Many intrusion detection techniques are proposed to ensure the network security, protect network resources and network infrastructures. Intrusion detection systems (IDS) attempt to detect attacks by gathering network data and analyze the information from various areas to identify the possible intrusions. This paper proposes a defense mechanism combining three approaches such as anomaly, misuse and decision making model to produce better detection accuracy and a decreased false positive rate. The defense mechanism can be built to detect the attacks in credit card system using Hidden Markov approach in the anomaly detection module. The credit card holder’s behaviours are taken as attributes and t...
Read more

DYNAMIC VALIDITY PERIOD CALCULATION OF DIGITAL CERTIFICATES BASED ON AGGREGATED SECURITY ASSESSMENT

Image
DYNAMIC VALIDITY PERIOD CALCULATION OF DIGITAL CERTIFICATES BASED ON AGGREGATED SECURITY ASSESSMENT  Alexander Beck, Jens Graupmann, Frank Ortmeier Computer Systems in Engineering, Otto-von-Guericke-University, Magdeburg, Germany  ABSTRACT  The paper proposes a method based on different security-related factors to dynamically calculate the validity period of digital certificates. Currently validity periods are most often defined statically without scientific justification. This approach is not sufficient to objectively consider the actual need for security. Therefore the approach proposed in this paper considers relevant security criteria in order to calculate a meaningful validity period for digital certificates. This kind of security assessment can be executed periodically in order to dynamically respond to changing conditions. Especially in the context of complex systems and infrastructures that have an increased need for security, privacy and availab...
Read more