標題: | Efficient multi-server authentication scheme based on one-way hash function without verification table |
作者: | Tsai, Jia-Lun 數位內容製作中心 Center for Digital Content Production |
關鍵字: | authentication scheme;multi-server;smart card;one-way hash function;verification table |
公開日期: | 1-May-2008 |
摘要: | Following advances in network technologies, an increasing number of systems have been provided to help network users via the Internet. In order to authenticate the remote users, password-based security mechanisms have been widely used. They are easily implemented, but these mechanisms must store a verification table in the server. if an attacker steals the verification table from the server, the attacker may masquerade as a legal user. To solve the verification table stolen problem, numerous single server authentication schemes without verification tables have been proposed. These single authentication schemes suffer from a shortcoming. If a remote user wishes to use numerous network services, they must register their identity and password in these servers. in response to this problem, numerous related studies recently have been proposed. These authentication schemes enable remote users to obtain service from multiple servers without separately registering with each server. This study proposes an alternative multi-server authentication scheme using smart cards. The proposed scheme is based on the nonce, uses one-way hash function, and does not need to store any verification table in the server and registration center. The proposed scheme can withstand seven well known network security attacks. (C) 2008 Elsevier Ltd. All rights reserved. |
URI: | http://dx.doi.org/10.1016/j.cose.2008.04.001 http://hdl.handle.net/11536/9394 |
ISSN: | 0167-4048 |
DOI: | 10.1016/j.cose.2008.04.001 |
期刊: | COMPUTERS & SECURITY |
Volume: | 27 |
Issue: | 3-4 |
起始頁: | 115 |
結束頁: | 121 |
Appears in Collections: | Articles |
Files in This Item:
If it is a zip file, please download the file and unzip it, then open index.html in a browser to view the full text content.