Institute of Electrical and Electronics Engineers (IEEE)
A complete remote authentication scheme should provide the following security properties: (1) mutual authentication, (2) session key exchange, (3) protection of user anonymity, (4) support of immediate revocation capability, (5) low communication and computation cost, (6) resistance to various kinds of attacks, (7) freely choosing and securely changing passwords by users, and (8) without storing password or verification tables in servers. However, none of the existing schemes meets all the requirements. In this paper, along the line of cost effective approach using hash functions for authentication, we propose an efficient and practical remote user authentication scheme with smart cards to support the above complete security properties.
Intelligence and Security Informatics, 2008. ISI 2008. IEEE International Conference on, pp.122-127