Guessing attacks on strong-password authentication protocol

International Journal of Network Security

Volumn 15, Issue 1, 2013, Pages 64-67

  Lee, Cheng Chi ^a   Liu, Chia Hsin ^b   Hwang, Min Shiang ^c  

^a FU JEN CATHOLIC UNIVERSITY   (Taiwan)

^b ASIA UNIVERSITY   (Taiwan)

^c NATIONAL TAIPEI UNIVERSITY OF TECHNOLOGY   (Taiwan)

Author keywords

Authentication; Cryptography; Guessing attack; Hash function; Password

Indexed keywords

AUTHENTICATION PROTOCOLS; DENIAL OF SERVICE ATTACKS; GUESSING ATTACKS; IMPERSONATION ATTACK; ONE-TIME PASSWORDS; PASSWORD; PASSWORD AUTHENTICATION;

AUTHENTICATION; CRYPTOGRAPHY; HASH FUNCTIONS;

COMPUTER CRIME;

EID: 84875095444     PISSN: 1816353X     EISSN: 18163548     Source Type: Journal    
DOI: None     Document Type: Article

References (27)

1. J. Botting, "Security on the Internet: Authenticating the user," Telecommunications, vol. 31, no. 12, pp. 77-80, 1997.
2. C. M. Chen and W. C. Ku, "Stolen-verifier attack on two new strong-password authentication protocols," IEICE Transactions on Communications, vol. E85-B, pp. 2519-2521, November 2002.
3. D. He, J. Chen, and J. Hu, "Weaknesses of a remote user password authentication scheme using smart card," International Journal of Network Security, vol. 13, no. 1, pp. 58-60, 2011.
4. D. He, J. Chen, and J. Hu, "Weaknesses of a remote user password authentication scheme using smart card," International Journal of Network Security, vol. 13, no. 1, pp. 58-60, 2011.
5. M. S. Hwang, "A remote password authentication scheme based on the digital signature method," International Journal of Computer Mathematics, vol. 70, pp. 657-666, 1999.
6. M. S. Hwang, S. K. Chong, and T. Y. Chen, "Dos-resistant id-based password authentication scheme using smart cards," Journal of Systems and Software, vol. 83.
7. M. S. Hwang, C. C. Lee, and Y. L. Tang, "An improvement of SPLICE/AS in WIDE against guessing attack," International Journal of Informatica, vol. 12, no. 2, pp. 297-302, 2001.
8. M. S. Hwang and L. H. Li, "A new remote user authentication scheme using smart cards," IEEE Transactions on Consumer Electronics, vol. 46, no. 1, pp. 28-30, 2000.
9. M. Kumar, "An enhanced remote user authentication scheme with smart card," International Journal of Network Security, vol. 10, no. 3, pp. 175-184, 2010.
10. M. Kumar, "A new secure remote user authentication scheme with smart cards," International Journal of Network Security, vol. 11, no. 2, pp. 88-93, 2010.
11. M. Kumar, M. K. Gupta, and S. Kumari, "An improved efficient remote password authentication scheme with smart card over insecure networks," International Journal of Network Security, vol. 13, no. 3, pp. 167-177, 2011.
12. L. H. Li, I. C. Lin, and M. S. Hwang, "A remote password authentication scheme for multiserver architecture using neural networks," IEEE Transactions on Neural Networks, vol. 12, no. 6, pp. 1498-1504, 2001.
13. I. E. Liao, C. C. Lee, and M. S. Hwang, "A password authentication scheme over insecure networks," Journal of Computer and System Sciences, vol. 72, no. 4, pp. 727-740, 2006.
14. C. L. Lin, H. M. Sun, and T. Hwang, "Attacks and solutions on strong-password authentication," IE-ICE Transactions on Communications, vol. E84-B, pp. 2622-2627, September 2001.
15. C. W. Lin, C. S. Tsai, and M. S. Hwang, "A new strong-password authentication scheme using one-way hash functions," International Journal of Computer and Systems Sciences, vol. 45, no. 4, pp. 623-626, 2006.
16. I. C. Lin, M. S. Hwang, and L. H. Li, "A new remote user authentication scheme for multiserver architecture," Future Generation Computer Systems, vol. 19, no. 1, pp. 13-22, 2003.
17. R. Ramasamy and A. P. Muniyandi, "An efficient password authentication scheme for smart card," International Journal of Network Security, vol. 14, no. 3, pp. 180-186, 2012.
18. M. Sandirigama, A. Shimizu, and M. T. Noda, "Simple and secure password authentication protocol (SAS)," IEICE Transactions on Communications, vol. E83-B, pp. 1363-1365, June 2000.
19. J. J. Shen, C. W. Lin, and M. S. Hwang, "A modified remote user authentication scheme using smart cards," IEEE Transactions on Consumer Electronics, vol. 49, no. 2, pp. 414-416, 2003.
20. J. J. Shen, C. W. Lin, and M. S. Hwang, "Security enhancement for the timestamp-based password authentication scheme using smart cards," Computers & Security, vol. 22, no. 7, pp. 591-595, 2003.
21. S. K. Sood, A. K. Sarje, and K. Singh, "Inverse cookie-based virtual password authentication protocol," International Journal of Network Security, vol. 13, no. 2, pp. 98-108, 2011.
22. Y. L. Tang, M. S. Hwang, and C. C. Lee, "A simple remote user authentication scheme," Mathematical and Computer Modelling, vol. 36, pp. 103-107, 2002.
23. T. Tsuji and A. Shimizu, "An impersonation attack on one-time password authentication protocol OSPA," IEICE Transactions on Communications, vol. E86-B, no. 7, pp. 2182-2185, 2003.
24. H. C. Wu, M. S. Hwang, and C. H. Liu, "A secure strong-password authentication protocol," Fundamenta Informaticae, vol. 68, pp. 399-406, 2005.
25. C. C. Yang, T. Y. Chang, and M. S. Hwang, "The security of the improvement on the methods for protecting password transmission," Informatica, vol. 14, no. 4, pp. 551-558, 2003.
26. C. C. Yang, T. Y. Chang, J. W. Li, and M. S. Hwang, "Security enhancement for protecting password transmission," IEICE Transactions on Communications, vol. E86-B, no. 7, pp. 2178-2181, 2003.
27. L. Yang, J. F. Ma, and Q. Jiang, "Mutual authentication scheme with smart cards and password under trusted computing," International Journal of Network Security, vol. 14, no. 3, pp. 156-163, 2012.