Skip to main content
SpringerLink
Log in

Cryptanalysis of Yang et al.’s Digital Rights Management Authentication Scheme Based on Smart Card

  • Conference paper
Recent Trends in Computer Networks and Distributed Systems Security (SNDS 2014)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 420))

Abstract

Internet based content distribution presents a scalable platform for digital content trade to the remote users. It makes electronic commerce more profiting business. However, digital content can be easily copied and redistributed without any quality degradation over the network. Digital rights management (DRM) systems emerge as an effective solution which ensures copyright protection. Most of the existing DRM systems support only one way authentication where the server verifies user’s authenticity and user simply assumed that he is interacting with the correct server. It may provide an opportunity of performing server spoofing attack to an adversary. In 2009, Zhang et al. presented a smart card based authentication scheme for DRM system in which user and server can mutually authenticate each other and establish a session key. Recently, Yang et al. demonstrated that Zhang et al.’s scheme is vulnerable to insider attack and stolen smart card attack. Additionally, they proposed an improved scheme to erase the drawbacks of Zhang et al.’s scheme. We identify that Yang et al.’s improved scheme is also vulnerable to password guessing attack and denial of service attack. Moreover, their scheme does not present efficient login and password change phases such that smart card executes the session in case of incorrect input. We show that how inefficiency of login and password change phases cause denial of service attack.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Mishra, D.: A study on id-based authentication schemes for telecare medical information system. arXiv preprint arXiv:1311.0151 (2013)

    Google Scholar 

  2. Mishra, D., Mukhopadhyay, S.: Secure content delivery in drm system with consumer privacy. In: Deng, R.H., Feng, T. (eds.) ISPEC 2013. LNCS, vol. 7863, pp. 321–335. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  3. Subramanya, S., Yi, B.K.: Digital rights management. IEEE Potentials 25(2), 31–34 (2006)

    Article  Google Scholar 

  4. Yang, H.W., Yang, C.C., Lin, W.: Enhanced digital rights management authentication scheme based on smart card. Institution of Engineering and Technology (2013)

    Google Scholar 

  5. Zhang, Y.C., Yang, L., Xu, P., Zhan, Y.S.: A drm authentication scheme based on smart-card. In: International Conference on Computational Intelligence and Security, CIS 2009, vol. 2, pp. 202–207. IEEE (2009)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Mathematics, Indian Institute of Technology Kharagpur, India

    Dheerendra Mishra & Sourav Mukhopadhyay

Authors
  1. Dheerendra Mishra
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sourav Mukhopadhyay
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Facultad de Informatica, Campus de Espinardo, s/n, 30., 100, Murcia, Spain

    Gregorio Martínez Pérez

  2. Indian Institute of Information Technology and Management, Technopark Campus, 695581, Trivandrum, Kerala, India

    Sabu M. Thampi

  3. Faculty of Computing and Mathematical Sciences, The University of Waikato, Waikato Mail Centre, Private Bag 3105, Hamilton, New Zealand

    Ryan Ko

  4. Guangdong University of Petrochemical Technology, P.R. China

    Lei Shu

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Mishra, D., Mukhopadhyay, S. (2014). Cryptanalysis of Yang et al.’s Digital Rights Management Authentication Scheme Based on Smart Card. In: Martínez Pérez, G., Thampi, S.M., Ko, R., Shu, L. (eds) Recent Trends in Computer Networks and Distributed Systems Security. SNDS 2014. Communications in Computer and Information Science, vol 420. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-54525-2_26

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-54525-2_26

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-54524-5

  • Online ISBN: 978-3-642-54525-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation