Young Computer Scientists, International Conference for (2008)
Nov. 18, 2008 to Nov. 21, 2008
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ICYCS.2008.64
Lately, remote user authentication schemes using smart cards have been researched to provide user privacy. Previously provided schemes based on smart cards were only concerned about providing mutual authentication with key exchange, but the schemes preserving user anonymity have been recently demanded because the user privacy is an important issue in many e-commerce applications. In 2007, Hu et al. pointed out that Chien and Chen's scheme fails to protect the user anonymity and proposed a scheme preserving user anonymity. In 2008, Bindu et al. also pointed out Chien and Chen's scheme fails to protect the user anonymity and suggested a scheme preserving user anonymity. Unfortunately, neither scheme guarantee user anonymity against an insider adversary who is a legal user. In this paper, we first point out that both Hu et al.'s scheme and Bindu et al.'s scheme are still vulnerable to the insider attack.
user anonymity, cryptanalysis, smart card
J. Y. Chun, D. H. Lee and S. Kim, "Cryptanalysis of Two Improved Remote User Authentication Schemes Preserving User Anonymity," 2008 9th International Conference for Young Computer Scientists(ICYCS), Hunan, 2008, pp. 2235-2239.