An Improved Hou-Wang's User Authentication Scheme (original) (raw)

It’s easy to access Internet resources in the cloud environment. And it’s important to protect the legal users’ privacy and confidentiality. Recently, Hou and Wang proposed a robust and efficient user authentication scheme based on elliptic curve cryptosystem. Their scheme was practical and easy to implement. They claimed that their scheme could against off-line password guessing, DoS, server spoofing, replay, parallel session and impersonation attacks. In this article, we will show that Hou-Wang’s scheme is vulnerable to the guessing attack with smart card. In this article, we also propose an improved Hou-Wang’s user authentication scheme to withstand the vulnerability in their scheme.