Remote authentication is an essential part of the rapid-growing electronic commerce. Recently, Huang and Wei proposed a complete authentication scheme using smart cards with only lightweight operations, such as exclusive-or operations, secure one-way hash functions, and pseudo-random number generators. However, Yeh et al. indicated that Huang-Wei's scheme is vulnerable to the probing analysis attack and then presented a security-enhanced scheme. In this paper, we will show that Yeh et al.'s enhanced scheme suffers from two different kinds of attacks. First, Yeh et al.'s scheme is also vulnerable to two different types of probing analysis attacks. Second, their scheme is susceptible to the user impersonation attack. Moreover, we also develop the mathematical backgrounds for these two types of probing analysis attacks, which can be used by the authentication protocol designers to avoid such kind of attacks.
Journal of Applied Science and Engineering=淡江理工學刊 16(3), pp.319-328