Author(s): |
Renjun Huang, Department of Computer Science and Information Engineering, TamKang University, Tamsui, Taipei Fengfu Su, Department of Computer Science and Information Engineering, TamKang University, Tamsui, Taipei Yangyi Chen, Department of Computer Science and Information Engineering, TamKang University, Tamsui, Taipei |
Abstract: |
Password authentication has been adopted as one of the most commonly used solutions in network environment to protect resources from unauthorized access. Most of password authentication schemes are based on static identity, the adversary can use this information to trace and identify the user’s requests. This paper proposes two-factor dynamic ID-based remote user authentication scheme. Because of two-factor security, the intruder can not impersonate an authorized user to access server or network with only compromising one factor from the password or smart card. The authorized user will anonymously access server or network by the Dynamic ID. The proposed scheme provides mutual authentication, perfect forward secrecy, and resists the replay attack, password guessing attack, stolen-verifier attack and impersonating attack.
|