Chaoyang University of Technology
The authors have proposed a remote user authentication scheme without using a password file or a verification table. Their scheme can withstand the attack of replaying a previously intercepted login request message. The security of the scheme relies on the difficulty of computing discrete logarithms over finite fields. In this paper, they propose a new remote user authentication scheme using smart cards. The scheme is based on the ElGamal's public key cryptosystem. Their scheme does not require a system to maintain a password table for verifying the legitimacy of the login users. In addition, their scheme can withstand message replaying attack.