Password authentication has been adopted as one of the most commonly used solutions in network environment to protect resources from unauthorized access. Recently, Awasthi et al. proposed an efficient RSA-based remote user authentication scheme. In this paper, we will point out that Awasthi et al.'s scheme is vulnerable to a privileged insider attack, a password guessing attack and an impersonation attack. To improve the security, we also propose a new RSA-based remote user authentication scheme. The analysis shows our scheme could overcome the weaknesses in Awasthi et al.'s scheme and has better performance than their scheme.

• 出版日期2012
• 单位武汉大学; 东北大学