On the Security of the Discrete Logarithm Based Remote Authentication Scheme Using Smart Cards

Nowadays, we can easily obtain variety of services through network. But due to the open environment, networks are vulnerable to variety of security threats. Ramasamy et al. proposed a discrete logarithm based remote authentication scheme with smart cards. Their scheme provides mutual authentication and withstanding the denial of service attack, forgery attack, parallel session attack and smart card loss attack. In this article, we show that their scheme is not a practical solution for remote accessing. It also lacks key agreement mechanism; and users cannot update password freely. Moreover, their scheme cannot resist the stolen verifier attack and off-line guessing attack.