CryptoDB
Cryptanalysis of an ID-based Password Authentication Scheme using Smart Cards and Fingerprints
Authors: | |
---|---|
Download: | |
Abstract: | In a paper recently published in the ACM Operating Systems Review, Kim, Lee and Yoo \cite{kim-lee-yoo} describe two ID-based password authentication schemes for logging onto a remote network server using smart cards, passwords and fingerprints. Various claims are made regarding the security of the schemes, but no proof is offered. Here we show how a passive eavesdropper, without access to any smart card, password or fingerprint, and after passively eavesdropping only one legitimate log-on, can subsequently log-on to the server claiming any identity. |
BibTeX
@misc{eprint-2004-11993, title={Cryptanalysis of an ID-based Password Authentication Scheme using Smart Cards and Fingerprints}, booktitle={IACR Eprint archive}, keywords={cryptographic protocols / cryptanalysis, ID-based methods, password authentication, smart cards}, url={http://eprint.iacr.org/2004/017}, note={ mike@computing.dcu.ie 12443 received 26 Jan 2004}, author={M. Scott}, year=2004 }