Advanced smart card based password authentication protocol

Password-based authentication is widely used for systems that control remote access to computer networks. In order to address some of the security and management problems that occur in traditional password authentication protocols, research in recent decades has focused on smart card based password authentication. In this paper, we show that the improved smart card authentication scheme proposed by Xu-Zhu-Feng is vulnerable to internal and impersonation attacks. We propose an improvement of their solution, present a new efficient strong smart card authentication protocol, and demonstrate that the new protocol satisfies the requirements of strong smart card authentication and is more efficient.