회원로그인

아이디/비밀번호찾기 | 회원가입

자료실

논문윤리하기 논문투고규정
  • 오늘 가입자수 0
  • 오늘 방문자수 757
  • 어제 방문자수 944
  • 총 방문자수 2790
2024-11-05 17:47pm
논문지
HOME 자료실 > 논문지

발간년도 : [2021]

 
논문정보
논문명(한글) [Vol.16, No.6] Cryptanalysis of Multi-Server Authentication Scheme Vulnerable to MITM Attack
논문투고자 Kwang-Cheul Shin
논문내용 Today, many hospitals and medical institutions implement authentication protocols and Telecare Medicine Information System (TMIS) to enable confidential and efficient electronic medical transactions. Convenient access to the Internet is increasing telemedicine services. Among them, protection of medical data and personal information is necessary. Therefore, multi-server and authentication technology are essential for application to fields such as TMIS, online shopping, remote monitoring, and online banking. Biometrics is one of the most trusted authenticators and is currently recommended for use with TMIS for remote authentication. However, most of the existing TMIS is considering the authentication system based on a single server environment. This method has a high probability of causing errors in biometricdata. Malicious attackers can easily modify, insert, delete and intercept messages exchanged over public channels. Therefore, in a multi-server environment, a secure and strong security authentication and key agreement(AKA: Authentication and Key Agreement) authentication protocol is required. In 2020, Ali etal.’s proposed a three-factor symmetric key-based authentication and key agreement scheme for privacy and security in a multi-server environment. However, Ali et al.’s scheme has many flaws, including session key exposure and man-in-the-middle (MITM) attacks and spoofing attacks. In particular, it analyzes and proves that there is no mutual authentication in this protocol. Ali et al.’s proposed a three-factor symmetric key-based authentication and key agreement scheme for privacy and security in a multi-server environment. However, Ali et al.’s scheme has many flaws, including session key exposure and man-in-the-middle (MITM) attacks and spoofing attacks. In particular, it analyzes and proves that there is no mutual authentication in this protocol.
첨부논문
   16-6-07.pdf (626.5K) [5] DATE : 2021-12-31 10:22:20