A Reliable Dynamic User-Remote Password Authentication Scheme over Insecure Network

Protocols of user authentication are able to ensure the security of data transmission and users' communication over insecure networks. Among various authenticated mechanisms run currently, the password-based user authentication, because of its efficiency, is the most widely employed in different areas, such as computer networks, wireless networks, remote login, operation systems, and database management systems. Even as password is endowed with the property of simple and human memorable, for which causes such an attack of brute force, for example, the previous works often suffer off-line password guessing attack. Therefore, an ameliorative password-based authentication scheme is proposed in this paper, achieving to resist off-line password guessing attacks, replay attacks, on-line password guessing attacks, and ID-theft attacks. In light of security, the proposed scheme is provided with good practicability, even over insecure network.