A Security-Enhanced Password Management Scheme based on Needham’s Scheme
نویسندگان
چکیده
R. M. Needham mentioned a Personal Identification Number (PIN) management scheme for Automatic Teller Machine (ATM) transactions which provides enhanced privacy and the responsibility separation [10]. This scheme was described as a rough example which supports his idea on security research under the changing computing environment. Though it shows a new approach to the role separation between a client and a server for PIN management, it needs some modification for application. A modified scheme for Needham’s one is suggested in this paper. Based on this modified scheme, we present a password management scheme for the UNIX systems with enhanced privacy and separated responsibility. Without serious modification of existing procedures and functions, this scheme provides higher privacy and security than that in the conventional UNIX password management scheme.
منابع مشابه
An Enhanced Anonymous Password-based Authenticated Key Agreement Scheme with Formal Proof
With the development of technology, the security of password-based authentication is becoming more and more significant. Recently, Lee et al. proposed an anonymous password-based authenticated key agreement scheme with non-temper resistant smart card to reduce the computation cost of Wang et al.’s scheme. However, based on analysis, it shows that the scheme can’t withstand smart card stolen or ...
متن کاملA novel key management scheme for heterogeneous sensor networks based on the position of nodes
Wireless sensor networks (WSNs) have many applications in the areas of commercial, military and environmental requirements. Regarding the deployment of low cost sensor nodes with restricted energy resources, these networks face a lot of security challenges. A basic approach for preparing a secure wireless communication in WSNs, is to propose an efficient cryptographic key management protocol be...
متن کاملEnhanced smartcard-based password-authenticated key agreement using extended chaotic maps
A smartcard based password-authenticated key agreement scheme enables a legal user to log in to a remote authentication server and access remote services through public networks using a weak password and a smart card. Lin recently presented an improved chaotic maps-based password-authenticated key agreement scheme that used smartcards to eliminate the weaknesses of the scheme of Guo and Chang, ...
متن کاملA security enhanced password authentication and update scheme based on elliptic curve cryptography
As two fundamental requirements to ensure secure communications over an insecure public network channel, password authentication and update of password have received considerable attention. To satisfy the above two requirements, Islam et al. proposed a password authentication and update scheme based on elliptic curve cryptography. They claimed that their scheme could withstand various attacks. ...
متن کاملAttacks on the (enhanced) Yang-Shieh authentication
The Yang-Shieh authentication is a timestamp based password authentication scheme that uses smart cards [1]. In [2,3], various attacks on this scheme are described. However, an enhancement of the scheme is proposed in [3] and enables the scheme to resist these existing attacks. In this paper, we show two new attack that can break the enhanced scheme. We further point out that the fundamental co...
متن کامل