Improvement of a security enhanced one-time two-factor authentication and key agreement scheme

In 2010, h?lbl et al. showed that shieh et al.'s mutual authentication and key agreementscheme is vulnerable to the smart card lost attack, not achieving perfect forward secrecy, and proposeda security enhanced scheme to eliminate these weaknesses. in this paper, we show that h?lbl et al.'ssecurity enhancement is still vulnerable to the smart card lost attacks. in addition, their scheme cannotresist impersonation attacks and parallel session attacks. seeing that the existing mutual authenticationschemes using smart cards are almost vulnerable to the smart card lost attacks, we further propose a newone-time two-factor mutual authentication and key agreement scheme to eliminate these weaknesses.