Security weaknesses in two multi-server password based authentication protocols
نویسندگان
چکیده
In 2004 and 2005, Tsaur et al. proposed a smart card based password authentication schemes for multi-server environments, respectively. They claimed that their protocols are safe and can withstand various kinds of attacks. However, after analysis, we found their schemes each have some secure loopholes. In this article, we will show the security flaws in these two protocols.
منابع مشابه
Cryptanalysis of Design and Analysis of a Provably Secure Multi-server Authentication Scheme
The rapid growth of inter-networking and communication technologies resulted in an exponential hit rate on commercial service providing websites (servers) like Google, Amazon, Flipkart etc. from remote users connected via Internet. To handle the networking load, the organizations are moving from the traditional two tier client server architecture to multi-server architecture for efficient load ...
متن کاملCryptanalysis of Two Dynamic ID-based Remote User Authentication Schemes for Multi-Server Architecture
Understanding security failures of cryptographic protocols is the key to both patching existing protocols and designing future schemes. In NSS’10, Shao and Chin pointed out that Hsiang and Shih’s dynamic ID-based remote user authentication scheme for multi-server environment is vulnerable to server spoofing attack and fails to preserve user anonymity, and further proposed an improved version wh...
متن کاملDynamic Identity Based Authentication Protocol for Two-Server Architecture
Most of the password based authentication protocols make use of the single authentication server for user’s authentication. User’s verifier information stored on the single server is a main point of susceptibility and remains an attractive target for the attacker. On the other hand, multi-server architecture based authentication protocols make it difficult for the attacker to find out any signi...
متن کاملA Password and Smart Card Based User Authentication Mechanism for Multi-Server Environments
Secure user authentication without repeating registration is one of the important issues in multi-server networks that needs to be adequately addressed. Recently, two-factor (smart card and password) based remote user authentication protocols have been widely introduced due to their low constructional cost and convenient usability for the authentication purpose. In 2011, Chang and Cheng propose...
متن کاملA Novel Dynamic Identity based Authentication Scheme for Multi- Server Environment using Smart Cards
Remote user authentication scheme with key agreement is a very practical mechanism to verify a remote user and then provide secure communication. Furthermore, many network environments have been becoming multi-server based due to the rapid growth of computer networks. Therefore, more and more researches have been focused on proposing smart card based remote authentication scheme with session ke...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2009 شماره
صفحات -
تاریخ انتشار 2009