Recently, Li and Lee proposed a new remote user authentication scheme using smart card. However, their scheme requires a verification table and the user’s identity is not protected. Moreover, users cannot change their password off-line. In order to overcome the security flaws, we propose a new scheme which provides more security without affecting the merits of the original scheme.

cryptanalysis; mutual authentication; network security; session key; smart card