Abstract:

For some security flaws that lie hidden in the YoonYoo’s user authentication scheme such as masquerading user attack, masquerading server attack and stolen verifier attack, this paper proposes a new remote user authentication scheme using random numbers to repeat hash operations. This scheme resolves all the aforementioned problems, while keeping the merits of YoonYoo’s scheme. Therefore, this scheme has a more stable security, and provides an effective solution of remote user authentication for electronic commerce.

Key words: authentication;security flaws;masquerading user attack;masquerading server