Science and Development Network (SciDev.Net)
The user authentication scheme using smart card should be strong enough to prevent the extracted information, which the attacker extracted from the user's smart card, from use to figure out the user's password. In this paper, it was pointed out that Hsiang et al.'s scheme is vulnerable to offline password guess attack. In order to overcome the noted vulnerability, an improved user authentication scheme was proposed, based on random number b provided by hash function and server S to each user.