An Enhanced Password Authentication Scheme Providing Password Updating without Smart Cards

14 years 5 months ago

Download www.sersc.org

In 2003, Yang, Chang, and Hwang proposed an enhanced scheme of Peyravivan-Zunic’s password authentication scheme by using the Diffie-Hellman scheme. Later, Yoon, Ryu, and Yoo demonstrated that Yang-Chang-Hwang’s scheme is vulnerable to a stolen-verifier attack and a denial-of-service attack, and then proposed an improved scheme. In this paper, we show that Yoon-Ryu-Yoo’s scheme is still vulnerable to a stolen-verifier attack and a server spoofing attack under some reasonable assumption. In addition, we propose an improved scheme to eliminate such security flaws.

Chin-Chen Chang, Hao-Chuan Tsai, Yi-Hui Chen

Real-time Traffic

Improved Scheme | MUE 2007 | Multimedia | Password Authentication Scheme | Stolen-verifier Attack |

claim paper

Post Info
More Details (n/a)

Added	04 Jun 2010
Updated	04 Jun 2010
Type	Conference
Year	2007
Where	MUE
Authors	Chin-Chen Chang, Hao-Chuan Tsai, Yi-Hui Chen

Comments (0)

Sciweavers

An Enhanced Password Authentication Scheme Providing Password Updating without Smart Cards

Improved Scheme | MUE 2007 | Multimedia | Password Authentication Scheme | Stolen-verifier Attack |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers