A countable and time-bound password-based user authentication scheme for the applications of electronic commerce

Information Sciences

Volumn 179, Issue 9, 2009, Pages 1269-1277

  Lin, Iuon Chang ^a   Chang, Chin Chen ^b  

^a NATIONAL CHUNG HSING UNIVERSITY   (Taiwan)

^b FENG CHIA UNIVERSITY   (Taiwan)

Author keywords

Electronic commerce; Password based user authentication; Quadratic residue

Indexed keywords

ACCESS CONTROL; COMMERCE; ELECTRONIC COMMERCE; MOBILE TELECOMMUNICATION SYSTEMS;

COMPUTATIONAL OVERHEADS; COMPUTING CAPABILITIES; FIXED NUMBERS; MOBILE ENVIRONMENTS; ON-LINE GAMES; PASSWORD-BASED USER AUTHENTICATION; QUADRATIC RESIDUE; REPLAY ATTACKS; USER AUTHENTICATION SCHEMES; VERIFICATION TABLES;

AUTHENTICATION;

EID: 60349091619     PISSN: 00200255     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.ins.2008.12.026     Document Type: Article

References (37)

1. N.F.P. 46-1, Data encryption standard, National Burean of Standards, U.S. Department of Commerce, 1988.
2. I. 9797, Data cryptographic techniques-data integrity mechanism using a cryptographic check function employing a block cipher algorithm, Internal Organization for Standardization.
3. Chang C.C., Chen K.L., and Hwang M.S. End-to-end security protocol for mobile communications with end-user identification/authentication. Wireless Personal Communications 28 2 (2004) 95-106
4. C.C. Chang, R.J. Hwang, J.B. Daniel, Using smart cards to authenticate passwords, in: Proceedings of IEEE International Carnahan Conference on Security Technology, Ottawa, Canada, October 1993.
5. Chang C.C., and Hwang S.J. Using smart cards to authenticate remote passwords. Computers and Mathematics with Applications 26 7 (1993) 19-27
6. Chang C.C., Tsu S.M., and Chen C.Y. Remote scheme for password authentication based on theory of quadratic residues. Computer Communications 18 12 (1995) 936-942
7. Damgard I.B. A design principle for hash functions. Lecture Notes on Computer Science-Advances in Cryptology-CRYPTO'89 435 (1989) 416-427
8. Davies D.W. A message authentication algorithm suitable for a mainframe computer. Lecture Notes on Computer Science-Advances in Cryptology-CRYPTO'84 196 (1984) 393-400
9. Evans A.J., Kantrowitz W., and Weiss E. A user authentication scheme not requiring secrecy in the computer. Communications of the ACM 17 8 (1974) 437-442
10. FIPS, Proposed federal information processing standard for secure hash standard, Federal Register 57(21) (1992) 3747-3749.
11. Horng G. Password authentication without using password table. Information Processing Letters 55 5 (1995) 247-250
12. Hwang M.S. A remote password authentication scheme based on the digital signature method. International Journal of Computer Mathematics 70 4 (1999) 657-666
13. Hwang M.S., and Li L.H. A new remote user authentication scheme using smart cards. IEEE Transactions on Consumer Electronics 46 1 (2000) 28-30
14. Jones G.A., and Jones J.M. Elementary Number Theory (1998), Springer-Verlag, London
15. Lee W.B., Wu C.C., and Tsaur W.J. A novel deniable authentication protocol using generalized Elgamal signature scheme. Information Sciences 177 6 (2007) 1376-1381
16. Lennon R.E., Matyas S.M., and Meyer C.H. Cryptographic authentication of time-invariant quantities. IEEE Transactions on Communications 29 6 (1981) 773-777
17. Li L.H., Lin I.C., and Hwang M.S. A remote password authentication scheme for multi-server architecture using neural networks. IEEE Transactions on Neural Networks 12 6 (2001) 1498-1504
18. Lu E.J.L., and Huang C.J. A time-stamping proxy signature scheme using time-stamping service. International Journal of Network Security 2 1 (2006) 43-51
19. Mangipudi K., and Katti R. A hash-based strong password authentication protocol with user anonymity. International Journal of Network Security 2 3 (2006) 205-209
20. Merkle R.C. One way hash function and DES. Lecture Notes on Computer Science-Advances in Cryptology-CRYPTO'89 435 (1989) 428-446
21. Merkle R.C. A fast software one-way hash function. Journal of Cryptology 3 1 (1990) 43-58
22. Miyaguchi S. The FEAL cipher family. Lecture Notes on Computer Science-Advances in Cryptology-CRYPTO'90 537 (1991) 627-638
23. Morris R., and Thompson K. Password security: a case history. Communications of the ACM 22 11 (1979) 594-597
24. Nam J., Lee Y., Kim S., and Merkle D.W.C. Security weakness in a three-party pairing-based protocol for password authenticated key exchange. Information Sciences 177 6 (2007) 1364-1375
25. Needham R.M., and Schroeder M.D. Using encryption for authentication in large networks of computers. Communications of the ACM 21 12 (1978) 993-999
26. Neumann P.G. Risks of passwords. Communications of the ACM 37 4 (1994) 126
27. N.I. of Standards, N. Technology, Digital Signature Standard, Technical Report NIST FIPS PUB 186, U.S. Department of Commerce, May 1994.
28. Santis A.D., Ferrara A.L., and Masucci B. Enforcing the security of a time-bound hierarchical key assignment scheme. Information Sciences 176 12 (2006) 1684-1694
29. Schneier B. Applied Cryptography. second ed. (1996), John Wiley and Sons
30. Shimizu A., and Miyaguchi S. Fast data encipherment algorithm FEAL. Lecture Notes on Computer Science-Advances in Cryptology-CRYPTO'87 304 (1987) 267-278
31. Tsai C.S., Lee C.C., and Hwang M.S. Password authentication schemes: current status and key issues. International Journal of Network Security 3 2 (2006) 101-115
32. Udi M. A simple scheme to make passwords based on one-way function much harder to crack. Computers & Security 15 2 (1996) 171-176
33. Wang S.J., and Chang J.F. Smart card based secure password authentication scheme. Computers & Security 15 3 (1996) 231-237
34. Wu T.C. Remote login authentication scheme based on a geometric approach. Computer Communications 18 12 (1995) 959-963
35. Wu T.C., and Sung H.S. Authentication passwords over an insecure channel. Computers & Security 15 5 (1996) 431-439
36. Yan S.S. Number Theory for Computing (2000), Springer-Verlag, Berlin, Germany
37. Yasinsac A., and Childs J. Formal analysis of modern security protocols. Information Sciences 171 1-3 (2005) 189-211