Further Analysis and Improvement of Yoon et al.´s Hash-Based User Authentication Scheme

Author

Wang Bang-Ju ; Shu-Hua, Li ; Zhang Huan-Guo

Author_Institution

Sch. of Sci., Huazhong Agric. Univ., Wuhan

Volume

3

fYear

2009

fDate

6-8 Jan. 2009

Firstpage

480

Lastpage

484

Abstract

In 2002, Lee et al. proposed a scheme improving on Peyravian and Zunic scheme. However, Yoon et al. found that the scheme is vulnerable to a denial of service (DoS) attack and proposed a enhanced scheme on Lee et al.´s scheme. Unfortunately, Ku et al. pointed out that Yoon et al.´s scheme can not achieve backward secrecy and is vulnerable to off-line password guessing and stolen-verifier attacks. In this paper, the other security flaws of the scheme that new insider attack and replay attack are stated, and an improved hash based scheme on Yoon et al.´s scheme is proposed. The improved scheme in this paper can fix all the known security flaws of Yoon et al.´s scheme except for backward secrecy and is more secure and efficient for practical application in source constraint wireless networks.

Keywords

authorisation; cryptography; wireless channels; Peyravian scheme; Zunic scheme; denial of service attack; hash-based user authentication; off-line password guessing; security flaws; source constraint wireless networks; stolen-verifier attacks; Authentication; Computational efficiency; Computer crime; Mobile communication; Mobile computing; Public key; Public key cryptography; Resists; Security; Wireless networks; attack; hash function; password; password authentication;

fLanguage

English

Publisher

ieee

Conference_Titel

Communications and Mobile Computing, 2009. CMC '09. WRI International Conference on

Conference_Location

Yunnan

Print_ISBN

978-0-7695-3501-2

Type

conf

DOI

10.1109/CMC.2009.271

Filename

4797300