A Simple And Efficient Key Exchange Scheme Against The Smart Card Loss Problem

In a ubiquitous computing environment, a person can use various intelligent devices to obtain his desired services at any time and any place. For convenience, most of these devices are small and of limited power and computation capacity. Therefore, an admired scheme should take these into consideration. In 2006, Lin et al. proposed a lightweight authentication scheme only using one-way hash function. However, their scheme is vulnerable to the several security threats. It is the germination of our idea. In this paper, we only require one-way hash function, exclusive OR operation, a smart card, and a memorial password to construct a simple and efficient key exchange scheme to withstand the most known security threats. We also take several merits into our scheme. First, the friendliness and fairness of a user are considered. The user can freely select her/his identity and password for registration and employ the used identity to register repeatedly when the smart card has lost. Second, a user does not need to worry about the damage of the smart card loss problem even if the content of the smart card has been extracted. Our scheme can take care hard security threats and efficient at the same time. Since our scheme does not require any symmetric and asymmetric cryptosystems, the communication and computation cost is very low. Therefore, our scheme is suitable to be applied in ubiquitous computing environments.