Cryptology ePrint Archive: Report 2008/544

Comments on two multi-server authentication protocols

*Yalin Chen 1, Chun-Hui Huang 2, Jue-Sam Chou3

Abstract: Recently, Tsai and Liao et al. each proposed a multi-server authentication protocol. They claimed their protocols are secure and can withstand various attacks. But we found some security loopholes in each protocol. We will show the attacks on their schemes.

Category / Keywords: cryptographic protocols / multi-server, password authentication protocol, server spoofing attack, parallel session attack

Date: received 28 Dec 2008

Contact author: d949702 at oz nthu edu tw

Available format(s): PDF | BibTeX Citation

Version: 20081229:162336 (All versions of this report)

Short URL: ia.cr/2008/544

Discussion forum: Show discussion | Start new discussion