—Remote systems authentication schemes need more research and investigation due to increasing of hackers and attacks with the population of wired and wireless traffic. All of the popular remote user and system authentication schemes are fixed authentication and provides only entity authentication, not provides any data authentication. Recently Das proposed a flexible remote systems authentication scheme using smart card  that checks authenticity of user as well as remote system.
In this paper, we show that Das’s scheme is not withstand the modification attack, reverse XOR attack and adversary system attack. We have proposed Modified Das’s scheme which serves as entity authentication as well as data authentication. We have applied Automatic Variable Password technique (AVP) to make the password unbreakable by changing it session to session. Application of AVP made the Das’s scheme a Time Variant Authentication scheme that checks the authenticity of remote user time to time. We show that how Modified Das’s scheme defenses modification attack, reverse XOR attack and adversary system attack.
—Automatic Variable Password, Remote user, Remote system, Smart card, Time Variant Entity and Data Authentication.
Chandan Koner is an Assistant Assistant Professor in the Department of Computer Science and Engineering, Bengal Institute of Technology and Management, Santiniketan, P.O. Doranda, West Bengal, Pin-731236, India., he is pursuing PhD course. He is member of IACSIT and IAENG. (Phone No.+91-9434535556, email: email@example.com)
Chandan Tilak Bhunia is an Director, Bengal Institute of Technology and Management, Santiniketan, P.O. Doranda, West Bengal, Pin-731236, India. He is a Senior Member of IEEE and FIE. (Phone No. +91-9434033157, email: firstname.lastname@example.org)
Ujjwal Maulik is currently a Professor in the Department of Computer Science and Technology, Jadavpur University, Kolkata, India. He is a Senior Member of IEEE. (Phone No. 91-33-24131766, email: email@example.com).
Cite: C. Koner, C. T. Bhunia and U. Maulik, "Application of Automatic Variable Password Technique in Das's Remote System Authentication Scheme Using Smart Card," International Journal of Computer Theory and Engineering
vol. 2, no. 1, pp. 1-5, 2010.