Further Cryptanalysis of a Password Authentication Scheme with Smart Cards
スポンサーリンク
概要
- 論文の詳細を見る
Following the developments in the use of ID-based schemes and smart cards, Yang and Shieh proposed two password authentication schemes to achieve two purposes : (1) to allow users to choose and change their passwords freely, and (2) to make it unnecessary for the remote server to maintain a directory of passwords or a verification table to authenticate users. Recently, Chan and Cheng showed that Yang and Shieh's timestamp-based password authentication scheme is insecure against forgery. In this paper, we point out that Chan and Cheng's forgery attack can not work. Thus, we further examine the security of Yang and Shieh's password authentication schemes and find that they are insecure against forgery because one adversary can easily pretend to be a valid user and pass the server's verification which allows the adversary to login to the the remote server.
- 社団法人電子情報通信学会の論文
- 2003-04-01
著者
-
Sun Hung-min
Department Of Computer Science National Tsing Hua University
-
Yeh Her-tyan
Department Of Computer Science And Information Engineering National Cheng Kung University
関連論文
- A Note on Factoring α-LSBS Moduli
- Security of a Remote User Authentication Scheme Using Smart Cards(Internet)
- An Improvement of a Deniable Authentication Protocol(Network)
- Further Cryptanalysis of a Password Authentication Scheme with Smart Cards
- Improvement of an Efficient and Practical Solution to Remote Authentication : Smart Card(Internet)