Title :
Cryptanalysis of oPass
Author :
Marimuthu, K. ; Ganesh Gopal, D. ; Aditya, Shivam ; Mittal, Varun
Author_Institution :
Sch. of Comput. Sci. & Eng., VIT Univ., Vellore, India
Abstract :
The security of oPass: A User Authentication Protocol Resistant to Password Stealing and Password Reuse Attacks proposed by H.M.Sun et al. in IEEE Transactions on Information Forensics and Security, Vol.7, No.2, April 2012 is analyzed. Upon completion of the analysis of the paper, four kinds of attacks SMS service, attacks on oPass communication links, unauthorised intruder access using the master password and Network attacks on untrusted web browser are identified in different scenarios. Thus, we proved that oPass proposed by H.M.Sun et al. is not suitable for practical application.
Keywords :
Web sites; cryptographic protocols; IEEE transactions; cryptanalysis; information forensics; information security; master password; network attacks; oPas security; oPass communication links; password reuse attacks; password stealing; unauthorised intruder access; untrusted Web browser; user authentication protocol; Authentication; Browsers; Cryptography; Irrigation; Modems; Servers; Intruder attack; Nonce; SMS; password reuse attack; password stealing attack;
Conference_Titel :
Advanced Communication Control and Computing Technologies (ICACCCT), 2014 International Conference on
Conference_Location :
Ramanathapuram
Print_ISBN :
978-1-4799-3913-8
DOI :
10.1109/ICACCCT.2014.7019457
