Comments on Improved Efficient Remote User Authentication Schemes

Remote system authentication is a process by which a remote system gains confidence about the identity (or login request) of the communicating partner. Since the introduction of Lamport's scheme, several new proposals and improvements on remote systems authentication have been proposed. Recently, Tian et al. presented an paper by observing some flaws of the Yoon et al.'s scheme, and subsequently suggested two improved schemes. The basis of the Tian et al.'s observation on Yoon et al.'s scheme was on this assumption: If an attacker steals a user's smart card and extracts the values stored in it through some means without being noticed, then the attacker can either masquerade as the user to forge a valid login request, or masquerade as the server to forge a valid reply message.