Remote password authentication has been widely used in network systems and it aims to provide secure remote access control. In 2013, Li proposed a novel password authentication scheme based on elliptic curve cryptography and smart card [17]. However, we found that Li's authentication scheme has a serious security problem in that all registered users' sensitive passwords can be easily derived by the privileged-insider of remote server. Therefore, in this paper, we propose a slight modification on Li's scheme to prevent the shortcomings. Our improved scheme not only inherits the advantages of Li's password authentication scheme but also remedies the serious security weakness of not being able to withstand insider attack. © Springer International Publishing Switzerland 2013.
CITATION STYLE
Lee, C. C., Li, C. T., Weng, C. Y., Jheng, J. J., Zhang, X. Q., & Zhu, Y. R. (2013). Cryptanalysis and improvement of an ECC-based password authentication scheme using smart cards. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 8300 LNCS, pp. 338–348). https://doi.org/10.1007/978-3-319-03584-0_25
Mendeley helps you to discover research relevant for your work.