IACR News item: 20 June 2013
Jue-Sam Chou1*, Chun-Hui Huang2, Yu-Siang Huang3, Yalin Chen4
ePrint Report
Recently, Khan et al. proposed an enhancement on a remote authentication scheme designed by Wang et al. which emphasizes on using dynamic identity. They claim that their improvement can avoid insider attack. However, we found the scheme lacks the anonymity property. Moreover, R. Madhusudhan et al. indicate their scheme also suffers the insider attack. Due to these observations, in this paper we propose a novel one which not only anonymously authenticates the remote user by using only two passes but also satisfies the ten requirements of an authentication scheme using smart card mentioned by Liao et al..
Additional news items may be found on the IACR news page.