A Simple Attack on a Recently Introduced Hash-based Strong-password Authentication Scheme
نویسندگان
چکیده
The user authentication is an important part of network security. Several strong-password authentication protocols have been introduced, but a secure scheme, which probably withstands to several known attacks, is not yet available. Recently, a hash-based strong-password authentication scheme was described in [2], which withstands to the several attacks, including replay, passwordfile compromise, denial-of-service, and insider attacks. However, we show that this protocol is still vulnerable to stolen-verifier, denial-of-service, replay, and impersonation attacks.
منابع مشابه
A Simple Password Authentication Scheme Based on Geometric Hashing Function
Password authentication protocol is one of most important mechanisms to prevent resources from accessing by unauthorized users. Many password authentication schemes have been developed in last decades, and many of them are based on the use of smart card. However, nowadays it is not applicable for many applications on the Internet to adopt the smart card in their authentication scheme due to its...
متن کاملAn Improvement of Wang . et . al . ’ s Remote User Authentication Scheme Against Smart Card Security Breach
User authentication is one of the fundamental procedures to provide secure communications between user and server over an insecure public channel. Recently, Wang et. al. proposed password-based user authentication scheme based on hash function and modular exponentiation and they claimed that their scheme provides strong authentication than related scheme. But in this paper, it is pointed out th...
متن کاملA Simple Attack on a Recently Introduced Hash-Based Secure User Authentication Scheme
User authentication is an important service in network security. Recently, several user authentication protocols have been proposed. However, a scheme which withstands all known attacks is not yet available. The Lee-Li-Hwang (LLH) authentication scheme [3] was proposed to circumvent the guessing attack in the Peyravian-Zunic (PZ) password scheme [6]. However, Yoon, Ryu, and Yoo (YRY) [9] discov...
متن کاملOn the Security Vulnerabilities of a Hash Based Strong Password Authentication Scheme
User authentication is an essential task for network security. To serve this purpose,in the past years, several strong password authentication schemes have been proposed, but none of them probably withstand to known security threats. In 2004, W. C. Ku proposed a new hash based strong password authentication scheme and claimed that the proposed scheme withstands to replay, password fie compromis...
متن کاملCryptanalysis of a User Authentication Protocol
Recently, Peyravin and Jeffries proposed a password-based practical authentication scheme using oneway collision-resistant hash functions. However, Shim and Munilla independently showed that the scheme is vulnerable to off-line guessing attacks. Hölbl, Welzer and Brumenn presented an improved password-based protocols. In the paper, we showed that the improved scheme still suffers from off-line ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- I. J. Network Security
دوره 1 شماره
صفحات -
تاریخ انتشار 2005