On the Limits of Anonymous Password Authentication
نویسندگان
چکیده
Password authentication is the most commonly accepted means for entity authentication. To meet the increasing need of preserving individual privacy, anonymous password authentication has been proposed recently, to augment password authentication with the protection of user privacy. In this paper, we analyze the weaknesses inherent to anonymous password authentication, which make it questionable for the practicality of anonymous password authentication in real applications. We also show that all the existing anonymous password authentication schemes may subject to undetectable on-line dictionary attacks.
منابع مشابه
An Improved Anonymous Authentication Scheme for Roaming Services
In wireless network and mobile network, a two-factor authentication scheme for roaming services enables a mobile user to achieve mutual authentication and key agreement with the foreign agent. In this paper, we review Kim et al.’s anonymous authentication scheme in global mobility networks. Analysis shows that Kim et al.’s scheme fails to achieve anonymity and two-factor authentication. In addi...
متن کاملTwo - factor Authentication Schemes Based Smart Card and Password with User Anonymity ⋆
Two-factor anonymous authentication using password and smart card could preserve user privacy and reduce the risk than the use of a single authentication factor. Recently, Chang et al. pointed some security weaknesses in Wang et al.’s anonymous authentication scheme and proposed enhanced scheme. They claimed that their scheme provides desired security properties. However, we show that Chang et ...
متن کاملAn Enhanced Lightweight Anonymous Authentication Scheme for a Scalable Localization Roaming Service in Wireless Sensor Networks
More security concerns and complicated requirements arise in wireless sensor networks than in wired networks, due to the vulnerability caused by their openness. To address this vulnerability, anonymous authentication is an essential security mechanism for preserving privacy and providing security. Over recent years, various anonymous authentication schemes have been proposed. Most of them revea...
متن کاملAn Efficient and Robust Anonymous Authentication Scheme in Global Mobility Networks
Anonymous user authentication is an essential security mechanism for roaming services in global mobility networks (GLOMONET). Recently, Zhao et al. propose a two-factor anonymous authentication scheme to achieve mutual authentication and session key establishment between the mobile user (MU) and a foreign agent (FA). This paper shows that their scheme has some security vulnerabilities and opera...
متن کاملSecurity Enhanced Anonymous Multiserver Authenticated Key Agreement Scheme Using Smart Cards and Biometrics
An anonymous user authentication scheme allows a user, who wants to access a remote application server, to achieve mutual authentication and session key establishment with the server in an anonymous manner. To enhance the security of such authentication schemes, recent researches combined user's biometrics with a password. However, these authentication schemes are designed for single server env...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2009