Sciweavers

MUE
2007
IEEE

An Enhanced Password Authentication Scheme Providing Password Updating without Smart Cards

14 years 5 months ago
An Enhanced Password Authentication Scheme Providing Password Updating without Smart Cards
In 2003, Yang, Chang, and Hwang proposed an enhanced scheme of Peyravivan-Zunic’s password authentication scheme by using the Diffie-Hellman scheme. Later, Yoon, Ryu, and Yoo demonstrated that Yang-Chang-Hwang’s scheme is vulnerable to a stolen-verifier attack and a denial-of-service attack, and then proposed an improved scheme. In this paper, we show that Yoon-Ryu-Yoo’s scheme is still vulnerable to a stolen-verifier attack and a server spoofing attack under some reasonable assumption. In addition, we propose an improved scheme to eliminate such security flaws.
Chin-Chen Chang, Hao-Chuan Tsai, Yi-Hui Chen
Added 04 Jun 2010
Updated 04 Jun 2010
Type Conference
Year 2007
Where MUE
Authors Chin-Chen Chang, Hao-Chuan Tsai, Yi-Hui Chen
Comments (0)