• DocumentCode
    2558439
  • Title

    An Enhanced Password Authentication Scheme Providing Password Updating without Smart Cards

  • Author

    Chang, Chin-Chen ; Tsai, Hao-Chuan ; Chen, Yi-Hui

  • Author_Institution
    Feng Chia Univ., Taichung
  • fYear
    2007
  • fDate
    26-28 April 2007
  • Firstpage
    1210
  • Lastpage
    1215
  • Abstract
    In 2003, Yang, Chang, and Hwang proposed an enhanced scheme of Peyravivan-Zunic´s password authentication scheme by using the Diffie-Hellman scheme. Later, Yoon, Ryu, and Yoo demonstrated that Yang-Chang-Hwang´s scheme is vulnerable to a stolen-verifier attack and a denial-of-service attack, and then proposed an improved scheme. In this paper, we show that Yoon-Ryu-Yoo´s scheme is still vulnerable to a stolen-verifier attack and a server spoofing attack under some reasonable assumption. In addition, we propose an improved scheme to eliminate such security flaws.
  • Keywords
    message authentication; smart cards; denial-of-service attack; enhanced password authentication scheme; server spoofing attack; smart cards; stolen-verifier attack; Authentication; Computational efficiency; Computer crime; Computer science; Cryptography; Data security; Electronic mail; Protection; Protocols; Smart cards;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Multimedia and Ubiquitous Engineering, 2007. MUE '07. International Conference on
  • Conference_Location
    Seoul
  • Print_ISBN
    0-7695-2777-9
  • Type

    conf

  • DOI
    10.1109/MUE.2007.77
  • Filename
    4197444
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2558439