You are not logged in.

Further observations on smart-card-based password-authenticated key agreement in distributed systems

Huang,X, Chen,X, Li,J, Xiang,Y and Xu,L 2014, Further observations on smart-card-based password-authenticated key agreement in distributed systems, IEEE Transactions on Parallel and Distributed Systems, vol. 25, no. 7, pp. 1767-1775, doi: 10.1109/TPDS.2013.230.

Attached Files
Name Description MIMEType Size Downloads

Title Further observations on smart-card-based password-authenticated key agreement in distributed systems
Author(s) Huang,X
Chen,X
Li,J
Xiang,YORCID iD for Xiang,Y orcid.org/0000-0001-5252-0831
Xu,L
Journal name IEEE Transactions on Parallel and Distributed Systems
Volume number 25
Issue number 7
Start page 1767
End page 1775
Total pages 9
Publisher IEEE Computer Society
Place of publication Piscataway, N. J
Publication date 2014-07
ISSN 1045-9219
Keyword(s) Authentication
key exchange
offline-dictionary attack
online-dictionary attack
smart card
Science & Technology
Technology
Computer Science, Theory & Methods
Engineering, Electrical & Electronic
Computer Science
Engineering
USER AUTHENTICATION
REMOTE AUTHENTICATION
SECURITY ENHANCEMENT
SCHEME
EFFICIENT
IMPROVEMENT
ROBUST
Summary This paper initiates the study of two specific security threats on smart-card-based password authentication in distributed systems. Smart-card-based password authentication is one of the most commonly used security mechanisms to determine the identity of a remote client, who must hold a valid smart card and the corresponding password to carry out a successful authentication with the server. The authentication is usually integrated with a key establishment protocol and yields smart-card-based password-authenticated key agreement. Using two recently proposed protocols as case studies, we demonstrate two new types of adversaries with smart card: 1) adversaries with pre-computed data stored in the smart card, and 2) adversaries with different data (with respect to different time slots) stored in the smart card. These threats, though realistic in distributed systems, have never been studied in the literature. In addition to point out the vulnerabilities, we propose the countermeasures to thwart the security threats and secure the protocols. © 2013 IEEE.
Language eng
DOI 10.1109/TPDS.2013.230
Field of Research 080503 Networking and Communications
Socio Economic Objective 890202 Application Tools and System Utilities
HERDC Research category C1 Refereed article in a scholarly journal
ERA Research output type C Journal article
Copyright notice ©2014, IEEE
Persistent URL http://hdl.handle.net/10536/DRO/DU:30067737

Document type: Journal Article
Collection: School of Information Technology
Connect to link resolver
 
Unless expressly stated otherwise, the copyright for items in DRO is owned by the author, with all rights reserved.

Versions
Version Filter Type
Citation counts: TR Web of Science Citation Count  Cited 15 times in TR Web of Science
Scopus Citation Count Cited 19 times in Scopus
Google Scholar Search Google Scholar
Access Statistics: 195 Abstract Views, 2 File Downloads  -  Detailed Statistics
Created: Mon, 02 Feb 2015, 10:39:29 EST

Every reasonable effort has been made to ensure that permission has been obtained for items included in DRO. If you believe that your rights have been infringed by this repository, please contact drosupport@deakin.edu.au.