How to develop an efficient and secure authentication protocol has been a hot research topic in electronic and mobile commerce. Recently, Huang and Wei proposed a lightweight remote user authentication scheme with smart cards to fulfill the complete security requirements. However, Yeh et al. later pointed out that Huang-Wei’s scheme is vulnerable to the probing analysis attack. In this paper, we will further indicate that Huang-Wei’s scheme also fails to support mutual authentication in that their scheme is vulnerable to two different kinds of user impersonation attacks.
ICIC Express Letters: An International Journal of Research and Surveys 6(8), pp.2051-2056