Volume 6 - Issue 6
Comments on a secure dynamic ID-based remote user authentication scheme for multi-server environment
Abstract
Recently, Liao and Wang proposed a dynamic ID-based scheme of user authentication over multi-server environments. Their scheme allows a user to register only once at the registration center and then he can access all the servers. Although they assumed that the registration center (RC) is reliable, some risks may occur on the service providers. The main reason of these risks is that all servers share the same master keys. Once one of the servers has been compromised, the system is not secure anymore. This paper mainly demonstrates some possible weaknesses of Liao and Wang s' scheme by giving several examples of risks such as message modification attacks, password guessing attacks, and server masquerade attacks.
Paper Details
PaperID: 77956971007
Author's Name: Wang, C., Chen, T., Chiu, C., Wei, S.
Volume: Volume 6
Issues: Issue 6
Keywords: Message modification attack, Multi-server, Password guessing attack, Server masquerade attack, User authentication
Year: 2010
Month: June
Pages: 1737 - 1742
