| |
|
|
|
A strong password-based remote mutual authentication with key agreement scheme on elliptic curve cryptosystem for portable devices |
|
|
|
PP: 217-222 |
|
|
|
Author(s) |
|
|
|
Xuelei Li,
Fengtong Wen,
Shenjun Cui,
|
|
|
|
Abstract |
|
|
| In this paper, we cryptanalyze Kim et al.’s scheme and point out several weaknesses in their scheme. Off-line password
guessing/dictionary attack could be effective. Moreover, we demonstrate that there is a mistake in their security analysis. To remedy
the weaknesses, we propose a more secure, robust and practical scheme, which is designed for portable devices based upon the discrete
logarithm on elliptic curve. In addition, the expensive synchronization clock system is replaced by nonce(ephemeral random number),
and the new scheme provides more functions for security and flexibility, including key agreement, password change, secret number
update, revocation and DoS-resistant. Finally, security analysis shows that our scheme could resist the known common attacks. |
|
|
|
|
 |
|
