Cryptanalysis of Two Efficient Password-based Authentication Schemes Using Smart Cards
نویسندگان
چکیده
In 2011, Kumar et al. proposed an efficient password authentication scheme using smart cards to overcome the security flaws in Liao et al. scheme. However, in this paper, we point out that Kumar et al.’s scheme actually has various defects been overlooked, such as no provision of forward secrecy, poor repairability and practicality. More recently, Ramasamy and Muniyandi presented an efficient two-factor scheme based on RSA and this scheme is claimed to have a number of merits over existing schemes. Notwithstanding their ambitions, RamasamyMuniyandi’s scheme is vulnerable to user impersonation attack, and it actually is equivalent to a verifier-tablebased scheme, which discourages any use of the scheme for practical applications.
منابع مشابه
Cryptanalysis of Two Dynamic ID-Based Remote User Authentication Schemes for Preserving User Privacy
Remote user authentication is an essential part in electronic commerce to identify legitimate users over the Internet. However, how to protect user privacy in the authentication has become an important issue recently. Therefore, many secure authentication schemes with smart cards have been proposed. In this paper, we will analyze the security weaknesses of two recently proposed authentication s...
متن کاملCryptanalysis of Timestamp-Based Password Authentication Schemes Using Smart Cards
Password authentication is an important mechanism for remote login systems, where only authorized users can be authenticated via using their passwords and/or some similar secrets. In 1999, Yang and Shieh [14] proposed two password authentication schemes using smart cards. Their schemes are not only very efficient, but also allow users to change their passwords freely and the server has no need ...
متن کاملBreaking a Robust Remote User Authentication Scheme Using Smart Cards
Understanding security failures of cryptographic protocols is the key to both patching existing protocols and designing future schemes. Recently, Yeh et al. showed that Hsiang and Shih’s password-based remote user authentication scheme is vulnerable to various attacks if the smart card is nontamper resistant, and proposed an improved version which was claimed to be efficient and secure. In this...
متن کاملSecurity flaws in two improved remote user authentication schemes using smart cards
Understanding security failures of cryptographic protocols is the key to both patching existing protocols and designing future schemes. In this paper, we analyze two recent proposals in the area of password-based remote user authentication using smart cards. First, we point out that the scheme of Chen et al. cannot achieve all the claimed security goals and report its following flaws: (i) it is...
متن کاملCryptanalysis of Two Improved Password Authentication Schemes Using Smart Cards
Recently, Yang et al. improved Yang and Shieh’s two password authentication schemes to withstand Sun and Yeh’s forgery attacks. However, Kim et al. pointed out that Yang et al.’s improvements still cannot withstand forgery attacks. At the same time, Kim et al. proposed improved methods. In this paper, we shall show that Kim et al.’s improvements also cannot resist the forgery attacks.
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- I. J. Network Security
دوره 17 شماره
صفحات -
تاریخ انتشار 2015