International Research Journal of Education and Technology

In this thesis we initiates the analysis of twin specific or particular or especially security threats (means of declaration of an intention or a determination to inflict harm on another) on smart  card based password authentication (or authorization processing) in distributed systems. Smart- card-based password authentication is one amongst the foremost usually used security mechanisms to see the identity of a distant consumer, who should hold a legitimate smart card and also the corresponding password to hold out a prospering authentication with the server. Such security is required when there is fear of dictionary attack, in dictionary attack there are some lists of pre-computed words in order to guess the password to access the system. The authentication is typically integrated with a key establishment protocol and yields smart-card- based password-authenticated key agreement. Victimize two recently planned protocols as case studies, we tend to demonstrate two new forms of adversaries with sensible card:

• Adversaries with pre-computed information hold on within the smart card, and

• Adversaries with totally different or completely different information (with relation to different time slots) hold on within the smart card. These threats, although realistic in distributed systems, haven't been studied within the literature. Additionally to imply the vulnerabilities, we tend to propose the countermeasures to thwart the safety threats and secure the protocols.

Key Words: smart  card, authorization processing, security threats, Research Expertise,