Cheng, Ting-Fang; Lee, Jung-San; Chang, Chin-Chen Security enhancement of an IC-card-based remote login mechanism. (English) Zbl 1118.68475 Comput. Netw. 51, No. 9, 2280-2287 (2007). Summary: C. T. Wang, C. C. Chang and C. H.Lin [“Using IC cards to remotely login passwords without verification tables”, in: Proc. 18th International Conference on Advanced Information Networking and Applications, Fukuoka, Japan, Vol. 1, 321–326 (2004)] presented a remote password authentication scheme using IC (Integrated Circuit) cards in 2004. Unfortunately, we discovered that their scheme is unable to withstand the forgery attack. We consequently propose in this paper a novel version to resist this kind of attacks. Furthermore, our scheme can also provide mutual authentication between a remote server and login users. The security of our scheme is based on the public one-way hash function. What is more, the timestamp mechanism is applied in our scheme to protect such potential attacks in the case that an intruder may replay a previously intercepted login request to access the remote server. MSC: 68P25 Data encryption (aspects in computer science) 68M10 Network design and communication in computer systems Keywords:IC card; remote authentication; key distribution; one-way hash function PDFBibTeX XMLCite \textit{T.-F. Cheng} et al., Comput. Netw. 51, No. 9, 2280--2287 (2007; Zbl 1118.68475) Full Text: DOI