Improvement on the dynamic ID-based remote user authentication scheme

In 2004, Das et al. proposed a dynamic ID-based remote user authentication scheme. Their scheme allows users to select and update their passwords freely, and the server needs not maintain a verifier table. In this paper, we show that their scheme is not secure. Though there are several improvement schemes proposed to fix the flaws. However, we show that all improvement schemes have deficiency on dynamic merit. Finally, we propose an improvement scheme to enhance the security. The improvement scheme has dynamic merit such that adversary cannot trace the users.