摘要:User authentication schemes based on password and smart card are used to ensure only authorized access to the protected services over distributed systems. Recently, Kumari et al. proposed an improved remote user authentication scheme with key agreement. This paper shows that Kumari et al.‘s scheme does not provide forward secrecy and proposes an enhanced remote user authentication scheme with key agreement over distributed systems. The proposed scheme uses session dependant fresh random numbers to provide message freshness and forward secrecy. The proposed scheme solves the problem in Kumari et al.’s scheme and will be analyzed by using various attacks to show the security on it.
