CryptoDB
Cryptanalysis of a DoS-resistant ID-based password authentication
| Authors: | |
|---|---|
| Download: | |
| Abstract: | Remote authentication is a method to authenticate remote users over insecure communication channel. Password-based authentication schemes have been widely deployed to verify the legitimacy of remote users. Very recently, Hwang et al. proposed a DoS-resistant ID-based password authentication scheme using smart cards. In the current work, we are concerned with the password security of the Hwang et al.s scheme. We first show that their scheme is vulnerable to a password guessing attack in which an attacker exhaustively enumerates all possible passwords in an off-line manner to determine the correct one. We then figure out how to eliminate the security vulnerability of their scheme. |
BibTeX
@misc{eprint-2010-23082,
title={Cryptanalysis of a DoS-resistant ID-based password authentication},
booktitle={IACR Eprint archive},
keywords={cryptographic protocols / Authentication; Security; Cryptanalysis; Smart card; Attacks},
url={http://eprint.iacr.org/2010/181},
note={The paper has not been published. hedebiao@163.com 14704 received 5 Apr 2010},
author={He Debiao and Chen Jianhua and Hu Jin},
year=2010
}