Title :
Cryptanalysis of password authentication system
Author :
Aboud, S.J. ; Al-fayoumi, Mohammad
Author_Institution :
Dept. of Comput. Sci. & Technol., Univ. of Bedfordshire, Luton, UK
Abstract :
The password authentication systems have been increasing in recent years. Therefore authors have been concentrated these days on introducing more password authentication systems. Thus, in 2011, Lee et al., presented an enhanced system to resolve the vulnerabilities of selected system. But, we notice that Lee et al., system is still weak to server attack and stolen smart card attack. Also, a password change protocol of the system is neither suitable to users nor low efficient. There is no handy data can be gained from the values kept in smart cards. Therefore, a stolen smart card attack can be blocked. To prevent server attack, we suggest transferring a user authentication operation from servers to a registration centre, which can guarantee every server, has another private key.
Keywords :
cryptography; message authentication; smart cards; cryptanalysis; password authentication system; password change protocol; private key; registration centre; server attack; stolen smart card attack; user authentication operation; Authentication; Computer hacking; Cryptography; Protocols; Servers; Smart cards;
Conference_Titel :
Computer Science and Information Technology (CSIT), 2014 6th International Conference on
Conference_Location :
Amman
Print_ISBN :
978-1-4799-3998-5
DOI :
10.1109/CSIT.2014.6805972
