Cryptanalysis of the Yang -Wang's password authentication schemes

نویسندگان

  • Jue-Sam Chou
  • Ming-De Yang
  • Guey-Chuen Lee
چکیده

In 1999, Yang and shieh proposed two password authentication schemes using smart cards. But in 2003, Sun and Yeh indicated that their schemes are subject to the forgery attack. So in 2005, Yang and Wang proposed an improvement of Yang and Shieh’s schemes to resist against Sun and Yeh’s attack. However in this paper, we will point out that Yang and Wang’s schemes still suffer from the forgery attack. Because in their schemes, one can masquerade as a legal user and cheat the remote server successfully in the authentication phase.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Cryptanalysis of Two Improved Password Authentication Schemes Using Smart Cards

Recently, Yang et al. improved Yang and Shieh’s two password authentication schemes to withstand Sun and Yeh’s forgery attacks. However, Kim et al. pointed out that Yang et al.’s improvements still cannot withstand forgery attacks. At the same time, Kim et al. proposed improved methods. In this paper, we shall show that Kim et al.’s improvements also cannot resist the forgery attacks.

متن کامل

Cryptanalysis of Timestamp-Based Password Authentication Schemes Using Smart Cards

Password authentication is an important mechanism for remote login systems, where only authorized users can be authenticated via using their passwords and/or some similar secrets. In 1999, Yang and Shieh [14] proposed two password authentication schemes using smart cards. Their schemes are not only very efficient, but also allow users to change their passwords freely and the server has no need ...

متن کامل

Formal Analysis and Systematic Construction of Two-Factor Authentication Scheme (Short Paper)

One of the most commonly used two-factor authentication mechanisms is based on smart card and user’s password. Throughout the years, there have been many schemes proposed, but most of them have already been found flawed due to the lack of formal security analysis. On the cryptanalysis of this type of schemes, in this paper, we further review two recently proposed schemes and show that their sec...

متن کامل

Secure SAS-like password authentication schemes

Recently, there are several articles proposed for the so-called SAS password authentication scheme with lower storage, processing, and transmission overheads. For benefiting from these advantages, there are a series of researches on the SAS-like schemes. However, as knowledge of cryptanalysis has involved, a series of modification have been made. Unfortunately, those enhancements have still sec...

متن کامل

Cryptanalysis of Tan's Improvement on a Password Authentication Scheme for Multi-server Environments

Smart cards have been applied on password authentication in recent years. A user can input his/her identity and password to require services from the remote server. There are various attacks through an insecure network to obtain a user’s information. Therefore, many schemes are proposed to guarantee secure communication. However, a lot of schemes are not secure. Recently, Tan proposed an improv...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:
  • IACR Cryptology ePrint Archive

دوره 2005  شماره 

صفحات  -

تاریخ انتشار 2005