Cryptanalysis of the Yang -Wang's password authentication schemes
نویسندگان
چکیده
In 1999, Yang and shieh proposed two password authentication schemes using smart cards. But in 2003, Sun and Yeh indicated that their schemes are subject to the forgery attack. So in 2005, Yang and Wang proposed an improvement of Yang and Shieh’s schemes to resist against Sun and Yeh’s attack. However in this paper, we will point out that Yang and Wang’s schemes still suffer from the forgery attack. Because in their schemes, one can masquerade as a legal user and cheat the remote server successfully in the authentication phase.
منابع مشابه
Cryptanalysis of Two Improved Password Authentication Schemes Using Smart Cards
Recently, Yang et al. improved Yang and Shieh’s two password authentication schemes to withstand Sun and Yeh’s forgery attacks. However, Kim et al. pointed out that Yang et al.’s improvements still cannot withstand forgery attacks. At the same time, Kim et al. proposed improved methods. In this paper, we shall show that Kim et al.’s improvements also cannot resist the forgery attacks.
متن کاملCryptanalysis of Timestamp-Based Password Authentication Schemes Using Smart Cards
Password authentication is an important mechanism for remote login systems, where only authorized users can be authenticated via using their passwords and/or some similar secrets. In 1999, Yang and Shieh [14] proposed two password authentication schemes using smart cards. Their schemes are not only very efficient, but also allow users to change their passwords freely and the server has no need ...
متن کاملFormal Analysis and Systematic Construction of Two-Factor Authentication Scheme (Short Paper)
One of the most commonly used two-factor authentication mechanisms is based on smart card and user’s password. Throughout the years, there have been many schemes proposed, but most of them have already been found flawed due to the lack of formal security analysis. On the cryptanalysis of this type of schemes, in this paper, we further review two recently proposed schemes and show that their sec...
متن کاملSecure SAS-like password authentication schemes
Recently, there are several articles proposed for the so-called SAS password authentication scheme with lower storage, processing, and transmission overheads. For benefiting from these advantages, there are a series of researches on the SAS-like schemes. However, as knowledge of cryptanalysis has involved, a series of modification have been made. Unfortunately, those enhancements have still sec...
متن کاملCryptanalysis of Tan's Improvement on a Password Authentication Scheme for Multi-server Environments
Smart cards have been applied on password authentication in recent years. A user can input his/her identity and password to require services from the remote server. There are various attacks through an insecure network to obtain a user’s information. Therefore, many schemes are proposed to guarantee secure communication. However, a lot of schemes are not secure. Recently, Tan proposed an improv...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2005 شماره
صفحات -
تاریخ انتشار 2005