Paper 2010/165

Comment on four two-party authentication protocols

Yalin Chen, Jue-Sam Chou, and Chun-Hui Huang

Abstract

In this paper, we analyze the protocols of Bindu et al., Goriparthi et al., Wang et al. and Hölbl et al.. After analyses, we found that Bindu et al.’s protocol suffers from the insider attack if the smart card is lost, both Goriparthi et al.’s and Wang et al.’s protocols can’t withstand the DoS attack on the password change phase which makes the password invalid after the protocol run, and Hölbl et al.’s protocol is vulnerable to the insider attack since a malevolent legal user can deduce KGC’s secret key xs.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Unknown where it was published
Keywords
password authentication protocolinsider attackdenial-of-service attacksmart card lost problemmutual authenticationman-in-the-middle attack
Contact author(s)
jschou @ mail nhu edu tw
History
2010-03-28: received
Short URL
https://ia.cr/2010/165
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2010/165,
      author = {Yalin Chen and Jue-Sam Chou and Chun-Hui Huang},
      title = {Comment on four two-party authentication protocols},
      howpublished = {Cryptology {ePrint} Archive, Paper 2010/165},
      year = {2010},
      url = {https://eprint.iacr.org/2010/165}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.