Title :
Security enhancement for two remote user authentication schemes
Author :
Peng Shuanghe ; Zhen, Han ; JiQiang, Liu
Author_Institution :
Res. Center of Inf. Security Archit., Beijing Jiaotong Univ., China
fDate :
31 Aug.-4 Sept. 2004
Abstract :
In 2002, Lee, Li, and Hwang proposed a hash-based password authentication scheme that is efficient and can be easily implemented. Recently Ku, Chen, and Lee demonstrated that Lee-Li-Hwang´s hash-based password authentication scheme is vulnerable to the off line guessing attack, the denial of service attack, and the stolen verifier attack. In 2003, Chih-Wei Lin et al. proposed a security enhancement for optimal strong password authentication protocol. This paper, however, will demonstrate that Chih-Wei Lin´s scheme is vulnerable to the denial of service attack. In this article, we shall propose improved schemes to these two remote user authentication schemes, which make them able to withstand denial of service attack and have about the same computational cost as originals.
Keywords :
message authentication; telecommunication security; telecommunication services; denial of service attack; hash-based password authentication scheme; off line guessing attack; password authentication protocol; security enhancement; stolen verifier attack; user authentication scheme; Authentication; Computational efficiency; Computer crime; Databases; Information security; Protocols; Random number generation; Resists;
Conference_Titel :
Signal Processing, 2004. Proceedings. ICSP '04. 2004 7th International Conference on
Print_ISBN :
0-7803-8406-7
DOI :
10.1109/ICOSP.2004.1442321
