An Impersonation Attack on One-Time Password Authentication Protocol OSPA

IEICE Transactions on Communications

Volumn E86-B, Issue 7, 2003, Pages 2182-2185

  Tsuji, Takasuke ^a   Shimizu, Akihiro ^a  

^a KOCHI UNIVERSITY OF TECHNOLOGY   (Japan)

Author keywords

Cryptography; Hash function; One time password; Password authentication

Indexed keywords

COMPUTER NETWORKS; CRYPTOGRAPHY; NETWORK PROTOCOLS;

AUTHENTICATION PROTOCOLS;

SECURITY OF DATA;

EID: 0141938442     PISSN: 09168516     EISSN: None     Source Type: Journal    
DOI: None     Document Type: Article

References (13)

1. R. Rivest, "The MD5 message-digest algorithm," Internet Request For Comments 1321, April 1992.
2. National Institute of Standards and Technology, "Secure hash standard," FIPS Publication 180-1, April 1995.
3. W. Stallings, "Secure hash algorithm," in Cryptography and Network Security: Principles and Practice Second Edition, pp. 193-197, Prentice-Hall, 1999.
4. H. Dobbertin, A. Bosselaers, and B. Preneel, "RIPEMD-160: A strengthened version of RIPEMD," Fast Software Encryption, Third International Workshop, Lecture Notes in Computer Science 1039, pp.71-82, Springer-Verlag, 1996.
5. L. Lamport, "Password authentication with insecure communication," Commun. ACM, vol.24, no.11, pp.770-772, 1981.
6. N. Haller, "The S/KEY(TM) one-time password system," Proc. Internet Society Symposium on Network and Distributed System Security, pp.151-158, 1994.
7. A. Shimizu, "A dynamic password authentication method by one-way function," IEICE Trans. Int. & Syst. (Japanese Edition), vol.J73-D-I, no.7, pp.630-636, July 1990.
8. A. Shimizu, "A dynamic password authentication method by one-way function," System and Computers in Japan, vol.22, no.7, pp.32-40, 1991.
9. A. Shimizu, T. Horioka, and H. Inagaki, "A password authentication method for contents communication on the internet," IEICE Trans. Commun., vol.E81-B, no.8, pp.1666-1673, Aug. 1998.
10. M. Sandirigama, A. Shimizu, and M.T. Noda, "Simple and secure password authentication protocol (SAS)," IEICE Trans. Commun., vol.E83-B, no.6, pp.1363-1365, June 2000.
11. C. Lin, H. Sun, and T. Hwang, "Attacks and solutions on strong-password authentication," IEICE Trans. Commun., vol.E84-B, no.9, pp.2622-2627, Sept. 2001.
12. T. Kamioka and A. Shimizu, "The examination of the security of SAS one-time password authentication," IEICE Technical Report, OFS2001-48, 2001.
13. C.M. Chen and W.C. Ku, "Stolen-verifier attack on two new strong-password authentication protocols," IEICE Trans. Commun., vol.E85-B, no. 11, pp.2519-2521, Nov. 2002.