Efficient Two-Pass Anonymous Identity Authentication Using Smart Card

Transcription

1 Efficient Two-Pass Anonymos Identity Athentication Using Smart Card Je-Sam Cho 1 *, Chn-Hi Hang 2, Y-Siang Hang 3, Yalin Chen 4 1 Department of Information Management, Nanha University Chiayi 622 Taiwan, *: corresponding athor jscho@mail.nh.ed.tw 2,3 Department of Information Management, Nanha University Chiayi 622 Taiwan, 2 g @mail1.nh.ed.tw 3 g @mail1.nh.ed.tw Tel: 886+ (0) ext Institte of information systems and applications, National Tsing Ha University d949702@oz.nth.ed.tw Abstract Recently, Khan et al. proposed an enhancement on a remote athentication scheme designed by Wang et al. which emphasizes on sing dynamic identity. They claim that their improvement can avoid insider attack. However, we fond the scheme lacks the anonymity property. Moreover, R. Madhsdhan et al. indicate their scheme also sffers the insider attack. De to these observations, in this paper we propose a novel one which not only anonymosly athenticates the remote ser by sing only two passes bt also satisfies the ten reqirements of an athentication scheme sing smart card mentioned by Liao et al.. Keyword: smart card-based, anonymos verify, insider attack, remote athentication. 1. Introdction Password-based athentication protocols [1-5, 7-13, 15, 17-24, 26-30, 32-34, 37-38] are widely adopted for logging to remote servers. If designed appropriately, they can provide athentication between the client and the server to assre both parties legality. However, an attacker may compromise the passwords after their long-time sage. Therefore, a designer sally accommodates sch a scheme with password changing fnction. Most recently in 2013, there are many stdies proposed in this field [39-44]. However, other than schemes [6, 17, 22, 31, 39] which are anonymos, all the others in the literatre cannot satisfy the three important properties: (1) two passes to redce the network traffic and increase system performance to be applied in specific circmstances, (2) the anonymity, and (3) the ten secrity featres proposed by Liao et al.. Inspired by this observation, in this paper we attempt to propose sch a scheme. In the scheme, we let the secret keys of both the ser and the server be x and y, respectively which are 1

2 embedded in related parameters to complete the three properties. After varios secrity analyses, we fond that we can achieve this goal. The rest of this paper is organized as follows. In Section 2, we review the weakness of Khan et al. s scheme. Section 3, presents the proposed scheme. Section 4 analyzes its secrity, and section 5 makes comparisons between or work with some others in the literatre and briefly describe its applications. Finally, a conclsion is given in Section Weaknesses in Khan et al. s and Song s schemes Among the related schemes in the literatre, Song s [37] claim that their scheme is efficient and strong, bt we fond the scheme is still vlnerable to password gessing attack if the card is lost, and not anonymos. Both Khan et al. and Wang et al. [1, 23] schemes concern abot anonymos identity athentication. They emphasize that their schemes possess the demanded anonymity, bt R. Madhsdhan et al. s [34] fond Khan s scheme sffers an insider attack. In addition, we also fond it has the smart card lost attack and indeed cannot athenticate anonymosly. Khan et al. s scheme is flawed. Becase, R. Madhsdhan et al. [34] indicate that it sffers the insider attack. Moreover, we frther fond an attacker can know AID i from the transmitted message and ths can obtain the ser's identity ID i by compting ID i =AIDi h(y T i d) from the vale y stored in the smart card. Therefore, their scheme is not anonymos. The song s scheme is vlnerable to smart card lost password gessing attack. Becase if an attacker obtains the card, he knows B A. He can then gess the card holders password PW A as PW A and compte K A =B A h(pw A ). Then, comptes R A =D KA (W A ) T A and compares h(id A R A T S ) with C S. If they are eqal, the attacker gesses ID A S password correctly. 3. Or Proposed Scheme From the above mentioned, we know that there still lacks a valid anonymos mtal athentication scheme in the literatre. Hence, we propose a novel one to resolve this problem. Or scheme consists of three phases, the registration phase, login and athentication phase, and password change phase. In the following, we first show the sed notations and then describe the three phases. Used Notions U : the ser. x : U s secret vale. S : the server. y : S s secret vale. ID : the identity of U. N s : a random nmber selected by S. PW : the password of U. T : the timestamp. 2

3 ID s : the identity of S. : the concatenation operation. C v : a random nmber selected by U. N : a random nmber selected by the smart card. PW : a new password chosen by U in the password change phase. pc : a random nmber selected by U for changing password. h : a collision free one-way hash fnction, mapping from {0,1} * to {0,1} n. 3.1 Registration Phase card. In this phase, U does the following two steps to register at S for obtaining a smart Step 1. U chooses his ID, PW, and two random nmbers C v and pc, and comptes =h(id PW x). Then, he sends {C v,, x, pc, ID } to S throgh a secre channel. Step 2. After receiving the message from U, S comptes B=h(ID s y C v ) h(id s y), A= h(id s y C v ) h(id s y) =h(id PW x), R=pc h(id ID s y), and O=h(h(pc ) h(h(id ID s y) )), and then stores {h( ), ID, C v, A, x, O, R} into the smart card. Later, U will se the parameters O and R to do the password change phase, if he wishes. The flowchart of registration phase is shown below in Fig. 1. ser(u) smart card server(s) Registration Phase Chooses ID, PW, and two random nmbers C v, pc C v, =h(id PW x), x, pc, ID Comptes B=h(ID s y C v ) h(id s y) A=B R=pc h(id ID s y) O=h(h(pc ) h(h(id ID s y) )) stores {h( ), ID, C v, A, x, O, R}into the smart card Fig. 1. Registration phase 3

4 3.2 Login And Athentication Phase When U wants to login S, he first inserts his smart card and then exectes the following steps together with S to do the mtal athentication. Step 1. The smart card selects a random nmber N, comptes =h(id PW x) and F= N, and acqires the crrent timestamp T from the system. It then comptes B=A, N=h(N ) ID, M=h(T h(b N)), and Q=h( h(n )). Step 2. Then, U sends message {C v, A, F, M, N, Q, T} to S for the athentication. Step 3. S checks to see whether ( T' T) T, where T is the crrent system time. If so, S rejects the login reqest; otherwise, it comptes B =h(id s y C v ) h(id s y), =A B, N =F, ID N h( N ' ' ), and checks whether the eqation Q h( ' h( N ' ' )) holds. If it holds, S confirms that the vales of ID, N, and are valid. It then checks whether eqation M h( T h( B' N)) holds or not. If it holds, S selects a random nmber N s and comptes C=h(N ) N s, D=h(ID s y N s ) h(id s y) N s, E=h(N h(n s )), and session key Sk=h(N N s ). Step 4. S then sends message {C, D, E} to the smart card. Step 5. Upon receiving the message from S, the smart card comptes Ns' C h( N), and checks if E=h(N h(n s )) holds. If it holds, the smart card replaces A and C v by D N s h(b) N and N s h(b) h(n ), respectively for the next login. And then comptes the common session key Sk h( N Ns' ). Now, U and S share the same session key SK. The flowchart of the login and the athentication phase is shown below in Fig. 2. Login And Athentication Phase ser(u) smart card server(s) Inpt ID, PW ID, PW 1. Selects a random nmber N Comptes =h(id PW x) F= N 4

5 Crrent T Comptes B=A N=h(N ) ID M=h(T h(b N)) Q=h( h(n )) 2. C v, A, F, M, N, Q, T 3. Checks (T -T)< T, if so Comptes B =h(id s y C v ) h(id s y) =A B N =F ID =N h(n ) Q?= h( h(n )) Obtains ID, N, and Checks M?= h(t h(b N)), if so Selects a random nmber N s Comptes C, D, E Comptes N s =C h(n ) Checks E?= h(n h(n s )), if so /*For next login, the smart card pdates A, C v */ C=h(N ) N s D=h(ID s y N s ) h(id s y) N s h(b) N E=h(N h(n s )) Sk=h(N N s ) A=D N s h(b) N C v =N s h(b) h(n ) Sk=h(N N s ) Fig. 2. login and athentication phase 5

6 3.3 Password Change Phase When U wants to change his password from following steps. PW to PW ', he performs the Step 1. U inserts his smart card, and inpts his ID, PW, the new password PW, and pc. Step 2. The smart card comptes =h(id PW x), h(id ID s y)=r pc, and checks to see whether O=h(h(pc ) h(h(id ID s y) )) holds. If it holds, the smart card comptes =h(id PW x), R =pc h(id ID s y), O =h(h(pc ) h(h(id ID s y) )), A =A h(id PW x) h(id PW x), and then pdates R, O, A with R, O, A, respectively. The flow chart of the Password Change Phase is shown in Fig. 3. and User SmartCard Password change Phase 1. ID, PW, PW, pc 2. Comptes =h(id PW x) h(id ID s y)=r pc Checks O?= h(h(pc ) h(h(id ID s y) )), if so Comptes = h(id PW x) R =pc h(id ID s y) O =h(h(pc ) h(h(id ID s y) ) A =A h(id PW x) h(id PW x) pdates R, O, A with R, O, A, respectively. Fig. 3. Password change Phase 4. Secrity analyses In this section, we demonstrate why or scheme can meet Liao et al. s ten reqirements [9] for a smart-card based password athentication protocol. 6

7 Satisfying the ten secrity reqirements (R1 throgh R10) R1. It reqires no password or verifier tables. Or scheme reqires no verifier tables stored in the server s memory. Therefore, it meets this reqirement. R2. The ser can choose and change his/her password at will. Since in or scheme, the password change reqest can be accepted only after the smart card has sccessflly athenticated the ser. This garantees that only the real card holder can secrely and freely change his password. In other words, or password change protocol can let the ser choose and change his password freely and secrely. R3. The ser needs not reveal his/her password to the administrator of the server. Obviosly, the password is not revealed to the administrator of the server in either the login and athentication phase, or password change phase of or scheme. R4. The password is not transmitted in plain text over the Internet. As shown in Section 3, the password in or scheme is not transmitted in clear form. Therefore, or scheme can satisfy this reqirement. R5. It can resist insider attacks. An insider attack means that a legal ser J can impersonate another ser U to gain the service of server S. Assme that J wants to impersonate U to login to S; however, withot the knowledge of U s password PW and (=h(id PW x)), he can not dedce A, M, Q to pass S s verification. R6. It can resist the replay, password gessing, modification-verifier-table, and stolen-verifier attacks. Or scheme can resist the modification-verifier-table attack and stolen-verifier attack becase it reqires no verifier table. In addition, or scheme can avoid the replay attack, becase it chooses two fresh nonces, N and N, for each protocol rn. In addition, the on-line password gessing attack will fail. Becase withot the vales 7 s ID, PW, y, and x, the attacker cannot compte B and for generating the reqired parameters A, F, M, N, and Q to pass S s examinations. R7. The length of a password is appropriate for memorization. In or scheme, PW is inclded in ( h( ID PW x)), and then sed to generate parameters A, F, M, N, and Q in the message flow. Hence or scheme s strength didn t rely on the length of the password. The ser therefore can choose any length of password for easy memorization. R8. It is efficient and practical. Or scheme had another advantage that it demands only two passes and reqires no complex comptation. It only makes the sage of hash fnctions and X-or operations. Therefore, or scheme was efficient and practical. R9. It achieves mtal athentication.

8 Mtal athentication [14] means both the server and the ser can athenticate each other before generating the common session key. In the following, we first demonstrate why or protocol can achieve this goal. Then, show why or scheme can resist against Man-In-the-Middle Attack (MIMA). (a) Mtal athentication : In the login and athentication phase, to athenticate U, S has to verify the validity of Q and M, and U mst check the validity of E=h(N h(n s )) to athenticate S. In other words, when both parties complete the corresponding parameters validity checking, they sccessflly athenticate each other. (b) Man-In-the-Middle attack : Man-in-the-middle attack means that an active attacker might intercept the commnication line between a legal ser and the server and ses some means to sccessflly masqerade as both the server to the ser, and the ser to the server. Then, the ser will believe that he is talking to the intended server and vice versa. We now illstrate sch a MIMA lanching on or protocol in Fig. 4. In the figre, after having intercepted the commnication line between S and U, the attacker AE impersonates U by sending { C v, A, F, M, N, Q, T } to S and masqerades as S by sending {C, D, E } to U. If S can sccessflly verify Q, M, and U can sccessflly confirm E, AE then is regarded as athentic by both of the two commnicating parties and will have the two common session keys shared with U and S, respectively. However, since that for verifying Q and M, S shold compte Q =h( h(n )), and M =h(t h(b N)), where =A B, B =h(id s y C v ), withot the knowledge of N,, and y, AE can t send valid Q and M. Similarly, for verifying E, User shold compte E=h(N h(n s )), where N s =C h(n ). However, withot the knowledge of N and N s, AE can t send valid E. Hence, the MIMA fails. User AE(Server) AE(User) Server Cv, A, F, M, N, Q, T C, D, E Cv, A, F, M, N, Q, T C, D, E Fig. 4. The MIMA on or scheme as shown in Fig. 1 R10. It resists password gessing attacks, even if the smart card is lost. The smart-card-loss attack means an attacker AE can lanch varios attacks when he obtains a legal ser s smart card [23]. In the following, nder sch a sitation we discss the most common attack, the off-line password gessing attack, to demonstrate why or scheme is free from sch an attack. 8

9 Sppose U s smart card is obtained by AE after registration. Thogh, AE can read the stored vales {h( ), ID, C v, A(=B (=h(id s y C v )) h(id s y)) h(id PW x)), x}. However, withot the knowledge of h( ID PW x), AE cannot confirm whether his password gessing is right. Therefore, he cannot lanch off-line password gessing attack; for example, AE may gess password PW as PW AE and compte h(id PW AE x); however, withot the knowledge of vale, AE cannot confirm the validity of his gessing. In the other case, sppose U s smart card is obtained by AE after the login and athentication phase, since even in the former case AE can not obtain any redction in advantage. Not to mention, C v and A are frther randomized in this case. From the above description, we therefore conclde that AE can not lanch sch an attack. 5. Comparisons and Applications Comparisons After having examined the ten secrity reqirements, in the following, we make comparisons, among or scheme and other existing 2PAKE protocols [1, 3-6, 9, 11, 17, 21, 22, 26, 27, 29, 30-33, 35] in passes needed and whether it can satisfy the ten secrity featres (STSF) proposed by Liao et al. We show the reslts in Table 1. For convenience, in the table, we se notations i(1)-[35] to denote the first improvement in [35]. Table 1. Comparisons with some smart-card password based schemes in the passes and STSF Schemes i(1)-[35] [1] [3] [4] [5] [6] [9] [11] [17] [21] [22] Passes Anonymity STSF Table 1- contined. Comparisons with some smart-card password based schemes in the passes and STSF Schemes [26] [27] [29] [30] [31] [32] [33] [37] [39] Ors Passes Anonymity STSF From Table 1, we conclded that or scheme otperforms the others, except [39] which is the same as ors, in three dimensions: passes, anonymity, and STSF. However, [39] ses of RSA pblic key encryption which is comptationally intensive. Moreover, it also has a fixed parameter C 1 in each login of the ser which makes their scheme traceable. 9

10 Application Smart Grid Based on or two-pass one-to-one (server-ser) athentication protocol, (which not only can meet Liao et al. s ten reqirements, bt also is more secre and efficient than other relevant works in the literatre), or ftre work will adapt and apply it to a smart grid network. The smart grid network operates nder the circmstance that contains mltiple sers (cstomers), electrical eqipment, and one operation center. It is prone to sffering secrity vlnerabilities and reqires mch comptational overhead [36]. Or work reqires only hash and x-or operations. Therefore, it is more sitable to be adapted and applied in a smart grid network or ftre mobile commnication networks, which may contain more servers to cope with mltiple sers, than the others. 6. Conclsion This paper showed the weakness of Khan et al. s athentication protocol in Section 2, then demonstrates why or scheme satisfies the ten secrity reqirements for remote ser athentications indicated by Liao et al., and why it can prevent the insider attack and password gessing attack when the smart card is lost. Finally, it compares with the other proposed works in the literatre for three factors: (1) reqired nmber of passes, (2) ten secrity featres, and (3) anonymity property. From Table 1, we conclded that or scheme otperformed the others. The only concern for or scheme was the DOS attack. However, or scheme sed only the hash and Xor operations which are very efficient. To conter the attack, we can frther tne the nmber of login sers to some amont. Therefore, it was more sitable to be applied in real applications, sch as smart grid or ftre mobile commnication networks, than the others. References [1] Mhammad Khrram Khan, soo-kyn Kim, Khaled Alghathbar, Cryptanalysis and secrity enhancement of a more efficient & secre dynamic ID-based remote ser athentication scheme, Jornal of Compter Commnications, Vol. 6, No. 4, pp , [2] Daojing He, Maode Ma, Yan Zhang, Chn Chen, Jiajn B, A Strong ser athentication scheme with smart card for wireless commnications, Jornal of Compter Commnications, Vol. 34, No. 3, pp , [3] Ronggong Song, Advanced smart card based password athentication protocol, Jornal of Compter Standards & Interfaces, Vol. 32, No. 5-6, pp , [4] Xiong Li, Jian-Wei Ni, Jian Ma, Wen-Dong Wang, Cheng-Lian Li, Cryptanalysis and improvement of a biometrics-based remote ser athentication scheme sing 10

11 smart cards, Jornal of Network and Compter Applications, Vol. 34, No. 1, pp , [5] Amit K. Awasthi, Keerti Srivastava, R.C. Mittal, An improved timestamp-based remote ser athentication scheme, Jornal of Compters and Electrical Engineering, Vol. 37, No. 6, pp , [6] SK. Hafizl Islam, G.p. Biswas, A more efficient for secre ID- based remote mtal athentication with key agreement scheme for mobile devices on elliptic crve cryptosystem, Jornal of Systems and Software, Vol. 84, No. 11, pp , [7] Sandeep K. Sood, Anil K. Sarje, Kldip Singh, A secre dynamic identity based athentication protocol for mlti-server architectre, Jornal of Network and Compter Applications, Vol. 34, No. 2, pp , [8] Hi Li, Chan-Kn W, Jn Sn, A general compiler for password- athentication grop key exchange protocol, Jornal of Information Processing Letters, Vol. 110, No. 4, pp , 2010 [9] I-En Liao, Cheng-Chi Lee, Min-Shiang Hwang, A password athentication scheme over insecre networks, Jornal of Compter and System Sciences, Vol. 72, No. 4, pp , [10] J-Han Yang, Tian-Jie Cao, Provably secre three-party password athenticated key exchange protocol in the standard model, The Jornal of Systems and Software, Vol. 85, No. 2, pp , [11] Ren-Chin Wang, Wen-Sheng Jang, Chin-Lang Lei, Robst athentication and key agreement scheme preserving the privacy of secret key, Jornal of Compter Commnications, Vol. 34, No. 3, pp , [12] Jnghyn Nam, Jryon Paik, Dongho Won, A secrity weakness in Abdalla et al. s generic constrction of a grop key exchange protocol, Jornal of Information Science, Vol. 181, No. 1, pp , [13] Ting-Yi Chang, Min-Shiang Hwang, Wei-Pang Yang, A commnication- efficient three-party password athenticated key exchange protocol, Jornal of Information Sciences, Vol. 181, No. 1, pp , [14] Ynho Lee, Sengjoo Kim, Domgho Won, Enhancement of two- factor athemticated key exchange protocols in pblic wireless LANs, Jornal of Compters and Electrical Engineering, Vol. 36, No. 31, pp , [15] Binod Vaidya, Jong Hyk Parkm, Sang-Soo Yeo, Joel J.P.C. Rodriges, Robst one-time password athentication scheme sing smart card for home network environment, Jornal of Compter Commnications, Vol. 34, No. 3, pp , [16] Qiang Tang, Liqn Chen, Extended KCI attack against two-party key establishment protocols, Jotnal of Information Processing Letters, Vol. 111, No. 11

12 15, pp , [17] Ko-Hi Yeh, Chnha S, N.W. Lo, Yingji Li, Yi-Xiang Hng, Two robst remote ser athentication protocols sing smart cards, The Jornal of Systems and Software, Vol. 83, No. 12, pp , 2010 [18] Jonathan Katz, Philip Mackenzie, Gelareh Taban, Virgil Gligor, Two-server password-only athenticated key exchange, Jornal of Compter and System Sciences, Vol. 78, No. 2, pp , [19] SK Hafizl Islam, G.P. Biswas, Design of improved password athentication and pdate scheme based on elliptic crve cryptography, Jornal of Mathematical and Compter Modelling, [20] Yi-Pin Liao, Shenn-Shyang Wang, A new secre password athenticated key agreement scheme for SIP sing self-certified pblic keys on elliptic crves, Jornal of Compter Commnications, Vol. 33, No. 3, pp , [21] Tien-Ho Chen, Han-Cheng Hsiang, Wei-Kan Shih, Secrity enhancement on an improvement on two remote ser athentication scheme sing smart cards, Jornal of Ftre Generation Compter Systems, Vol. 27, No. 4, pp , [22] Cheng-Chi Leem Tsng-Hng Lin, Ri-Xiang Chang, A secre dynamic ID based remote ser athentication scheme for mlti-server environment sing smart cards, Jornal of Expert Systems with Applications, Vol. 38, No. 11, pp , [23] Ren-Chin Wang, Wen-Shenq Jang, Chin-Lang Lei, Provably secre and efficient identification and key agreement protocol with ser anonymity, Jornal of Compter and System Sciences, Vol. 77, No. 4, pp , [24] Tian-F Lee, Tzonelih Hwang, Simple password-based three-party athenticated key exchange withot server pblic keys, Jornal of Information Sciences, Vol. 180, No. 9, pp , [25] A.M. Rossdowski, H.S. Venter, J.H.P. Eloff, D.G. Korie, A secrity privacy aware architectre and protocol for a single smart card sed for mltiple services, ScienceDirect Compters & Secrity, Vol. 29, No. 4, pp , [26] Sang-Kyn Kim, Min Gyo Chng, More secre remote ser athentication scheme, Compter Commnications, Vol. 32, No. 6, pp , [27] Yan-yan Wang, Jia-yong Li, Feng-xia Xiao, Jing Dan, A more efficient and secre dynamic ID-based remote ser athentication scheme, Compter Commnications, Vol. 32, No. 4, pp , March [28] Xiong Li, Yongping Xiong, Jian Ma, Wendong Wang, An efficient and secrity dynamic identity based athentication protocol for mlti-server architectre sing smart cards, Jornal of Network and Compter Applications, Vol. 35, No. 2, pp ,

13 [29] Chn-TaLi, Min-ShiangHwang, An efficient biometrics-based remote ser athentication scheme sing smart cards, Jornal of Network and Compter Applications, Vol. 33, No. 1, pp. 1-5, [30] Han-Cheng Hsiang, Wei-Kan Shih, Weaknesses and improvements of the Yoon Ry Yoo remote ser athentication scheme sing smart cards, Compter Commnications, Vol. 32, No. 4, pp , [31] Chn-Ta Li, Cheng-Chi Lee, A novel ser athentication and privacy preserving scheme with smart cards for wireless commnications, Mathematical and Compter Modeling, Vol. 55, No. 1-2, pp , [32] Min-Shiang Hwang, Song-Kong Chong, Te-Y Chen, DoS-resistant ID-based password athentication scheme sing smart cards, Jornal of Systems and Software, Vol. 83, No. 1, pp , [33] Hao-Rng Chng, Wei-Chi K, Maw-Jinn Tsar, Weaknesses and improvement of Wang et al.'s remote ser password athentication scheme for resorce-limited environments, Compter Standards & Interfaces, Vol. 31, No. 4, pp , [34] R. Madhsdhan, R.C. Mittal, Dynamic ID-based remote ser password athentication schemes sing smart cards: A review, Jornal of Networks and Compter Applications, Vol. 35, No. 4, pp , [35] Yalin Chen, Je-Sam Cho, Chn-Hi Hang, Improvements on two password-based athentication protocols, Cryptology eprint Archive. [36] R L, X Liang, X Li, X Lin, X Shen, EPPA: An Efficient and Privacy-Preserving Aggregation Scheme for Secre Smart Grid Commnications, IEEE Transactions On Parallel And Distribted Systems, Vol. 23, No. 9, [37] R. Song, Advanced smart card based password athentication protocol, Compter Standards & Interfaces, Vol. 32, No. 5-6, [38] Ts-Yang W, Yh-Min Tseng, An efficient ser athentication and key exchange protocol for mobile client server environment, Compter Networks, Vol. 54, No. 9, pp , [39] W. Ding and C.G. Ma, Cryptanalysis and secrity enhancement of a remote ser athentication scheme sing smart cards, The Jornal of China Universities of Posts and Telecommnications, Volme 19, Isse 5, October 2012, Pages [40] L. Gong, J. Pan, B. Li, S. Zhao, A novel one-time password mtal athentication scheme on sharing renewed finite random sb-passwords, Jornal of Compter and System Sciences, Vol. 79 Isse 1, Pages , Febrary, [41] D. He, S., W, and J. Chen, note on 'design of improved password athentication and pdate scheme based on elliptic crve cryptography, Mathematical and 13

14 Compter Modelling, Vol. 55(3 4), Pages [42] S. H. Islam and G.P. Biswas, Design of improved password athentication and pdate scheme based on elliptic crve cryptography, Mathematical and Compter Modelling, Volme 57, Isses 11 12, Jne 2013, Pages [43] X. Li, J. Ni, M. Khrram Khan, J. Liao, An enhanced smart card based remote ser password athentication scheme, Jornal of Network and Compter, Available online 5 March 2013 [44] Q. Xie, Improvement of a secrity enhanced one-time two-factor athentication and key agreement scheme, Scientia Iranica, Vol. 19, Isse 6, December 2012, Pages