An ID-based authentication scheme to achieve the security of smart card.

When customers enjoy the benefits from pervasive electronic applications such as mobile payment and online transaction, what we cannot ignore is that the adversaries may infringe privacy by cracking the authentication information. As an effective countermeasure, considerable smart-card-based ID authentication schemes have been proposed. However, these methods are found actually more or less vulnerable to certain attacks. Therefore, we propose a scheme based on smart cardu0027s mutual authentication mechanism, which can completely hide all the information concerned with the useru0027s ID and defeat most known attacks launched by the adversaries. When the user uses the same identity and password to register different accounts, the attacker cannot obtain the useru0027s password even if he or she knows the useru0027s corresponding identity and cannot achieve a password-guessing attack. Compared with several prevalent schemes, without sacrificing the computational efficiency, our solution can achieve higher security.