@ARTICLE{ iet:/content/journals/10.1049/iet-ifs.2012.0058, author = {Chun-Ta Li}, affiliation = {Department of Information Management, Tainan University of Technology, 529 Zhongzheng Road, Tainan City 71002, Taiwan}, keywords = {password authentication;computer networks;elliptic curve cryptography;stolen verifier;security threats;smart card;offline password guessing;user anonymity scheme;client privacy;secure remote access control;}, ISSN = {1751-8709}, language = {English}, abstract = {Password authentication has been widely used in computer networks to provide secure remote access control. In this study, the authors show that the improved password authentication and update scheme based on elliptic curve cryptography proposed by Islam and Biswas is vulnerable to offline password guessing, stolen-verifier and insider attacks. We propose an advanced smart card-based password authentication and update scheme and extend the scheme to provide the privacy of the client. By comparing the criteria with other related schemes, our scheme not only solves several hard security threats but also satisfies more functionality features.}, title = {A new password authentication and user anonymity scheme based on elliptic curve cryptography and smart card}, journal = {IET Information Security}, issue = {1}, volume = {7}, year = {2013}, month = {March}, pages = {3-10(7)}, publisher ={Institution of Engineering and Technology}, copyright = {© The Institution of Engineering and Technology}, url = {https://digital-library.theiet.org/;jsessionid=5n7pm5jl9vg21.x-iet-live-01content/journals/10.1049/iet-ifs.2012.0058} }