Abstract
With the rapid growth of Internet users and wireless applications, interests on home networks have been enormously increased in recent years. For digital home networks, robust security services including remote user authentication have become essential requirements. In order to reduce implementation complexity and achieve computation efficiency, design issues for efficient and secure password based remote user authentication scheme have been extensively investigated b research community in these decades. Recently, Vaidya et al. proposes a robust one time password authentication scheme using smart card for home network environment. The authors claimed that their scheme delivers important security features and system functionalities, such as mutual authentication, no verification table, no time synchronization, resistance against password guessing attacks, smart card loss attacks, forward secrecy with lost smart card and forged user attacks, as well as computation efficiency. However, we first demonstrate two vulnerabilities on the scheme. Then, we propose an improved scheme to eliminate all identified security flaws in the scheme.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Weiser, M.: The computer for the twenty-first century. Scientific American, 94–100 (1991)
Kim, G.W., Lee, D.G., Han, J.W., Kim, S.C., Kim, S.W.: Security framework for home network: Authentication, authorization, and security policy. In: Washio, T., Zhou, Z.-H., Huang, J.Z., Hu, X., Li, J., Xie, C., He, J., Zou, D., Li, K.-C., Freire, M.M. (eds.) PAKDD 2007. LNCS (LNAI), vol. 4819, pp. 621–628. Springer, Heidelberg (2007)
Ellision, C.M.: Interoperable home infrastructure home network security. Intel Technology Journal 6, 37–48 (2002)
Jeong, J.P., Chung, M.Y., Choo, H.S.: Secure user authentication mechanism in digital home network environments. In: Sha, E., Han, S.-K., Xu, C.-Z., Kim, M.-H., Yang, L.T., Xiao, B. (eds.) EUC 2006. LNCS, vol. 4096, pp. 345–354. Springer, Heidelberg (2006)
Goyala, V., Kumara, V., Singha, M., Abrahamb, A., Sanyalc, S.: A new protocol to counter online dictionary attacks. Computers & Security 25, 114–120 (2006)
Jiang, Z.J., Kim, S.O., Lee, K.H., Bae, H.C., Kim, S.W.: Security service framework for home network. In: Proceedings of the Fourth Annual ACIS International Conference on Computer and Information Science 2005, pp. 233–238 (2005)
Lamport, L.: Password authentication with insecure communication. Communications of the ACM 24(11), 770–772 (1981)
Yeh, T.C., Shen, H.Y., Hwang, J.J.: “A secure one-time password authentication scheme using smart cards. IEICE Transactions on Communications E85-B(11), 2515–2518 (2002)
Tsuji, T., Shimizu, A.: One-time password authentication protocol against theft attacks. IEICE Transactions on Communications E87-B(3), 523–529 (2004)
Lee, S.W., Kim, H.S., Yoo, K.Y.: Improved efficient remote user authentication scheme using smart cards. IEEE Transactions on Consumer Electronics 50(2), 565–567 (2004)
Yoon, E.J., Ryu, E.K., Yoo, K.Y.: An improvement of Hwang-Lee-Tang’s simple remote user authentication schemes. Computers & Security 24, 50–56 (2005)
Hsing, H.S., Shin, W.K.: “Weaknesses and improvements of the Yoon-Ryu-Yoo remote user authentication using smart cards. Computer Communications 32, 649–652 (2009)
Jeong, J., Chung, M.Y., Choo, H.: Integrated OTP-based user authentication scheme using smart cards in home networks. In: Proceedings of the 41st Annual Hawaii International Conference on System Sciences (2008)
Kim, S.K., Chung, M.G.: More secure remote user authentication scheme. Computer Communications 32, 1018–1021 (2009)
Yoon, E.J., Yoo, K.Y.: More efficient and secure remote user authentication scheme with smart cards. In: Proceedings of 11th International Conference on Parallel and Distributed System, vol. 2, pp. 73–77 (2005)
Vaidya, B., Park, J.H., Yeo, S.S., Rodrigues, J.J.P.C.: Robust one-time password authentication scheme using smart card for home network environment. Computer Communications 34, 326–336 (2011)
Kocher, P., Jaffe, J., Jun, B.B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)
Messerges, T.S., Dabbish, E.A., Sloan, R.H.: Examining smart-card security under the threat of power analysis attacks. IEEE Transactions on Computer 51(5), 541–552 (2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kim, H.J., Kim, H.S. (2011). AUTHHOTP - HOTP Based Authentication Scheme over Home Network Environment. In: Murgante, B., Gervasi, O., Iglesias, A., Taniar, D., Apduhan, B.O. (eds) Computational Science and Its Applications - ICCSA 2011. ICCSA 2011. Lecture Notes in Computer Science, vol 6784. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-21931-3_48
Download citation
DOI: https://doi.org/10.1007/978-3-642-21931-3_48
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-21930-6
Online ISBN: 978-3-642-21931-3
eBook Packages: Computer ScienceComputer Science (R0)