Paper 2009/561

Improvements on two password-based authentication protocols

Yalin Chen, Jue-Sam Chou, and Chun-Hui Huang

Abstract

Recently, Liao et al. and Hölbl et al. each proposed a user authentication protocol, respectively. Both claimed that their schemes can withstand various attacks. However, Xiang et al. pointed out Liao et al.’s protocol suffers from three kinds of attacks, the replay attack, the guessing attack, and the Denial-of-service (DoS) attack. Moreover, we and Munilla et al. also found Hölbl et al.’s protocol suffers from the password guessing attack. In this paper, we will propose the two protocols’ improvements respectively. After analyses and comparisons, we conclude that our improvements are not only more secure but also more efficient in communication cost than all of the proposed password based schemes that we know.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Unknown where it was published
Keywords
smart cardpassword authentication protocolpassword changeman-in-the-middle attackdenial-of-service attacksmart-card-lost attackoff-line password guessing attackmutual authenticatio
Contact author(s)
jschou @ mail nhu edu tw
History
2009-11-22: received
Short URL
https://ia.cr/2009/561
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2009/561,
      author = {Yalin Chen and Jue-Sam Chou and Chun-Hui Huang},
      title = {Improvements on two password-based authentication protocols},
      howpublished = {Cryptology {ePrint} Archive, Paper 2009/561},
      year = {2009},
      url = {https://eprint.iacr.org/2009/561}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.