ABSTRACT
ABSTRACT: User authentication protocols ensure the security of user communication and data transmission over insecure networks. Among the various current authenticated mechanisms, the password-based user authentication, because of its convenience and efficiency, is the most widely employed mechanism in electronic applications. Even though the password is endowed with the advantageous properties of simplicity and human memory, it can easily succumb to attacks that employ brute force, such as offline guessing attacks that various existing schemes suffer from, or to spoofing and impersonation problems that occur once the password is hacked. Therefore, this paper intends to investigate the dynamic password-based user authentication scheme, where the characteristic of a dynamic password disables attackers from catching the correct password each time and prevent the attackers from guessing the users’ passwords. Besides, this scheme can also resist common attacks, such as replay attacks, stolen-verifier attacks, server spoofing attacks, and impersonation attacks, among others.
