Using smart cards to authenticate remote passwords

AbstractA remote password authentication scheme is a mechanism used to support a computer system to solve the privacy and security problems in a multi-user network. In this paper, we will propose a new remote password authentication scheme without password tables. By using our scheme, each legal user has his/her identity, password and smart card. Using his/her identity, password and smart card, the computer system can validate whether the login user is a legal one or not. In our scheme, intruders cannot derive any secret information from the public information. Besides, intruders are not able to find any password from previous intercepted messages. Also, the new scheme can withstand replaying attacks