Fixing problems in Lin et al.’s OSPA protocol

摘要

Recently, Lin et al. proposed an improvement on the OSPA protocol to make the protocol withstand the stolen-verifier attack, using smart card. However, Ku et al. demonstrated that Lin et al.’s protocol is vulnerable to the replay attack and the denial of service attack. In this paper, we will propose an enhancement of the protocol to isolate such problems. As a result, the proposed scheme can simply update user passwords and also provides mutual authentication between the user and a remote server. Besides all the above merits, the proposed has more efficient performance by reducing the number of hash operations.