On the security of efficient user identification scheme

摘要

A user identification scheme was proposed by Tseng et al. in 1998, as one of applications that are based on the ideas of ID-based cryptosystems. Recently, Hwang et al. presented an improvement of the Tseng et al.’ scheme for wireless mobile environment. In wireless environment, the time for waiting and responding of a mobile device must be reduced due to the lack of the capacity of the battery. The authors tried to achieve this goal by optimizing the pass of the scheme. However, here we show their scheme has some limitation for practical usage in the sense that it is not secure against a key compromise impersonation attack.