Title :
Security Analysis of Two Password Authentication Schemes
Author_Institution :
Sch. of Inf. Technol., Jiangxi Univ. of Finance & Econ., Nanchang, China
Abstract :
Recently, Rhee, Kwon and Lee proposed a practical authentication scheme only based on the common storage device. In the scheme the remote user does not need to use smart cards. It is convenient for the users to use a common storage device such as a universal serial bus memory. The scheme is easy to implement. However, this authentication scheme is vulnerable to impersonation attacks and middle man attacks. An attacker could impersonate legitimate users to login and access the remote server. In addition, we analyze the security of Fan-Chan-Zhangpsilas scheme. The scheme suffers from replay attacks and impersonation attacks.
Keywords :
message authentication; Fan-Chan-Zhang security scheme; common storage device; impersonation attack; middle man attack; replay attack; security analysis; two password authentication scheme; universal serial bus memory; Authentication; Computer security; Cryptography; Finance; Identity-based encryption; Information analysis; Information security; Information technology; Mobile computing; Smart cards; authentication; impersonation attacks; password; replay; smart card;
Conference_Titel :
Mobile Business, 2009. ICMB 2009. Eighth International Conference on
Conference_Location :
Dalian
Print_ISBN :
978-0-7695-3691-0
DOI :
10.1109/ICMB.2009.57
