Efﬁcient remote mutual authentication and
Wen-Gong Shieh*, Jian-Min Wang
Department of Information Management, Chinese Culture University, 55, Hwa-Kang Road,
Yang-Ming-Shan, Taipei 11114, Taiwan, ROC
Received 20 October 2004
Accepted 29 September 2005
A smart card based scheme is very practical to authenticate remote users. In 2004, Juang
[Juang WS. Efﬁcient password authenticated key agreement using smart cards. Computers
and Security 2004;23:167–73] proposed a mutual authentication scheme using smart cards.
The advantages in the scheme include freely chosen passwords, no veriﬁcation tables, low
communication and computation cost, and session key agreement. In addition, synchro-
nized clocks are not required in the scheme due to its nonce based approach. In this paper,
however, we shall discuss the weakness of Juang’s [Juang WS. Efﬁcient password authen-
ticated key agreement using smart cards. Computers and Security 2004;23:167–73] scheme
and propose another similar scheme to improve the weakness. Our scheme not only pre-
serves all the advantages of Juang’s scheme but also improves its efﬁciency.
ª 2005 Elsevier Ltd. All rights reserved.
Remote mutual authentication is a mechanism for two com-
municating parties to mutually authenticate each other
through an insecure communication channel. Since Lamport
(1981) proposed his remote authentication scheme in 1981,
many scholars (Chang and Wu, 1993; Chien et al., 2002; Hsu,
2004; Hwang and Li, 2000; Hwang et al., 2002; Jan and Chen,
1998; Sun, 2000; Tan and Zhu, 1999; Wang and Chang, 1996;
Wu, 1995; Wu and Sung, 1996; Yang and Shieh, 1999) have pro-
posed new schemes and improved the efﬁciency and security
of remote authentication. In 2000, Sun (2000) proposed a cost
effective unilateral remote authentication scheme in which
only a server can authenticate a user’s legitimacy. In 2002,
Chien et al. (2002) proposed an efﬁcient remote mutual au-
thentication scheme using smart card allowing server and
user to authenticate each other. The advantages in the
scheme include freely chosen passwords, no veriﬁcation ta-
bles, low communication and computation cost. However, as
demonstrated by Hsu (2004), Chien et al.’s scheme is vulnera-
ble to the parallel session attack. Recently, in 2004, Juang
(2004) proposed another scheme preserving all the advantages
of Chien et al.’s scheme. Unlike Chien et al.’s scheme, Juang’s
scheme is nonce based. Therefore, no synchronized clocks are
required in the scheme. In addition, Juang’s scheme generates
a session key for the user and server in their subsequent
In this paper, however, we shall discuss the weakness of
Juang’s (2004) scheme and propose another similar scheme
to improve the weakness. Our scheme not only preserves all
the advantages of Juang’s scheme but also improves its efﬁ-
ciency. The remainder of this paper is presented as follows.
In the next section, a brief review of related papers is given.
Then we present our scheme. Further, we point out the weak-
ness of Juang’s scheme and examine the security of our
scheme which is followed by the efﬁciency issues that are dis-
cussed and a comparison is given. Finally, we give our conclu-
sion in the last section.
* Corresponding author.
E-mail addresses: email@example.com (W.-G. Shieh), firstname.lastname@example.org (J.-M. Wang)
available at www.sciencedirect.com
journal homepage: www.elsevier.com/locate/cose
0167-4048/$ – see front matter ª 2005 Elsevier Ltd. All rights reserved.
computers & security 25 (2006) 72 – 77