• DocumentCode
    238287
  • Title

    Cryptanalysis of oPass

  • Author

    Marimuthu, K. ; Ganesh Gopal, D. ; Aditya, Shivam ; Mittal, Varun

  • Author_Institution
    Sch. of Comput. Sci. & Eng., VIT Univ., Vellore, India
  • fYear
    2014
  • fDate
    8-10 May 2014
  • Firstpage
    329
  • Lastpage
    334
  • Abstract
    The security of oPass: A User Authentication Protocol Resistant to Password Stealing and Password Reuse Attacks proposed by H.M.Sun et al. in IEEE Transactions on Information Forensics and Security, Vol.7, No.2, April 2012 is analyzed. Upon completion of the analysis of the paper, four kinds of attacks SMS service, attacks on oPass communication links, unauthorised intruder access using the master password and Network attacks on untrusted web browser are identified in different scenarios. Thus, we proved that oPass proposed by H.M.Sun et al. is not suitable for practical application.
  • Keywords
    Web sites; cryptographic protocols; IEEE transactions; cryptanalysis; information forensics; information security; master password; network attacks; oPas security; oPass communication links; password reuse attacks; password stealing; unauthorised intruder access; untrusted Web browser; user authentication protocol; Authentication; Browsers; Cryptography; Irrigation; Modems; Servers; Intruder attack; Nonce; SMS; password reuse attack; password stealing attack;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Advanced Communication Control and Computing Technologies (ICACCCT), 2014 International Conference on
  • Conference_Location
    Ramanathapuram
  • Print_ISBN
    978-1-4799-3913-8
  • Type

    conf

  • DOI
    10.1109/ICACCCT.2014.7019457
  • Filename
    7019457
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=238287