International Journal of Network Security
As one of the simplest and the most convenient mechanism to ensure secure communication in open networks, user authentication scheme has been studied widely. To guarantee secure communications in multi-server environment, Lee et al. proposed a dynamic ID-based remote user authentication scheme using smart card. They also demonstrated that their scheme could withstand various attacks. This paper reviews Lee et al.'s scheme and provides a security analysis on it. The authors' analysis shows that Lee et al. is vulnerable to the impersonation attack, the server spoofing attack, and the off-line password guessing attack.