Weaknesses and improvements of Yang-Chang-Hwang's password authentication scheme

被引:0
|
作者
Ku, WC [1 ]
Tsai, HC [1 ]
机构
[1] Fe Jen Catholic Univ, Dept Comp Sci & Informat Engn, Taipei 242, Taiwan
来源
INFORMATICA | 2005年 / 16卷 / 02期
关键词
password authentication; denial-of-service attack; stolen-verifier attack;
D O I
暂无
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
In 2001, Tseng, Jan, and Chien proposed an improved version of Peyravian-Zunic's password authentication scheme based on the Diffie-Hellman scheme. Later, Yang, Chang, and Hwang demonstrated that Tseng-Jan-Chien's scheme is vulnerable to a modification attack, and then described an improved scheme. In this paper, we show that Yang-Chang-Hwang's scheme is still vulnerable to a denial-of-service attack and a stolen-verifier attack. In addition, we also propose an improved scheme with better security.
引用
收藏
页码:203 / 212
页数:10
相关论文
共 44 条
  • [1] Weaknesses and Improvements of a One-time Password Authentication Scheme
    Kim, Mijin
    Lee, Byunghee
    Kim, Seungjoo
    Won, Dongho
    [J]. INTERNATIONAL JOURNAL OF FUTURE GENERATION COMMUNICATION AND NETWORKING, 2009, 2 (04): : 29 - 37
  • [2] Cryptanalysis of Yang-Wang-Chang's password authentication scheme with smart cards
    Pathan, Al-Sakib Khan
    Hong, Choong Seon
    [J]. 10TH INTERNATIONAL CONFERENCE ON ADVANCED COMMUNICATION TECHNOLOGY, VOLS I-III: INNOVATIONS TOWARD FUTURE NETWORKS AND SERVICES, 2008, : 1618 - 1620
  • [3] Comments on the Yang-Chang-Hwang anonymous conference key distribution system
    Lin, CH
    Lee, CY
    Lee, W
    [J]. COMPUTER STANDARDS & INTERFACES, 2004, 26 (03) : 171 - 174
  • [4] Weaknesses and Improvements of Kuo-Lee's One-Time Password Authentication Scheme
    Kim, Mijin
    Lee, Byunghee
    Kim, Seungjoo
    Won, Dongho
    [J]. COMMUNICATION AND NETWORKING, 2009, 56 : 421 - 430
  • [5] Remarks on Wang-Chang's password authentication scheme
    Chan, CK
    Cheng, LM
    [J]. ELECTRONICS LETTERS, 2001, 37 (01) : 22 - 23
  • [6] Weaknesses and improvements of an efficient password based remote user authentication scheme using smart cards
    Ku, WC
    Chen, SM
    [J]. IEEE TRANSACTIONS ON CONSUMER ELECTRONICS, 2004, 50 (01) : 204 - 207
  • [7] Comments on Yeh-Shen-Hwang's one-time password authentication scheme
    You, IS
    Cho, K
    [J]. IEICE TRANSACTIONS ON COMMUNICATIONS, 2005, E88B (02) : 751 - 753
  • [8] Cryptanalysis of Yeh-Shen-Hwang's one-time password authentication scheme
    Yum, DH
    Lee, PJ
    [J]. IEICE TRANSACTIONS ON COMMUNICATIONS, 2005, E88B (04) : 1647 - 1648
  • [9] Security Weaknesses of Li's Remote User Password Authentication Scheme Using Smart Card
    Ling, Jie
    Zhao, Guang-Qiang
    Liu, Yi
    [J]. PROCEEDINGS OF THE 2015 INTERNATIONAL CONFERENCE ON MATERIALS ENGINEERING AND INFORMATION TECHNOLOGY APPLICATIONS, 2015, 28 : 677 - 681
  • [10] Weaknesses and drawbacks of a password authentication scheme using neural networks for multiserver architecture
    Ku, WC
    [J]. IEEE TRANSACTIONS ON NEURAL NETWORKS, 2005, 16 (04): : 1002 - 1005
12345