Cryptanalysis on One-Time Password Authentication Schemes Using Counter Value(Internet)
スポンサーリンク
概要
- 論文の詳細を見る
The Internet and mobile communication systems are being developed, and related applications for managing personal information require user authentication for confirming legitimate users. One-time password authentication methods secure user's authorities by changing the verifier every time. The S/Key is a famous one-time password authentication scheme, which is based on Lamport's scheme. T.-C. Yeh et al. have point out security problems of the S/Key scheme and have proposed a variant of the S/Key scheme, which can be applied to smart cards. However, this method risks certain attacks, too. Those two proposed schemes use counter value, which can easily be modified by an attacker. Herein we discuss security problems of the S/Key and Yeh-Shen-Hwang's password authentication schemes using forgery attacks and stolen-verifier attacks.
- 社団法人電子情報通信学会の論文
- 2004-06-01
著者
-
Tsuji Takasuke
Course Of Information Systems Engineering Department Of Engineering Graduate School Of Engineering K
-
Shimizu Akihiro
Course Of Information Systems Engineering Department Of Engineering Graduate School Of Engineering K
関連論文
- An Impersonation Attack on One-Time Password Authentication Protocol OSPA(Fundamental Theories)
- Cryptanalysis on One-Time Password Authentication Schemes Using Counter Value(Internet)
- One-Time Password Authentication Protocol against Theft Attacks(Security)(Internet Technology IV)
- A One-Time Password Authentication Method for Low Spec Machines and on Internet Protocols(Internet)