Cryptology ePrint Archive: Report 2010/181

Cryptanalysis of a DoS-resistant ID-based password authentication

He Debiao, Chen Jianhua, Hu Jin

Abstract: Remote authentication is a method to authenticate remote users over insecure communication channel. Password-based authentication schemes have been widely deployed to verify the legitimacy of remote users. Very recently, Hwang et al. proposed a DoS-resistant ID-based password authentication scheme using smart cards. In the current work, we are concerned with the password security of the Hwang et al.’s scheme. We first show that their scheme is vulnerable to a password guessing attack in which an attacker exhaustively enumerates all possible passwords in an off-line manner to determine the correct one. We then figure out how to eliminate the security vulnerability of their scheme.

Category / Keywords: cryptographic protocols / Authentication; Security; Cryptanalysis; Smart card; Attacks

Publication Info: The paper has not been published.

Date: received 5 Apr 2010

Contact author: hedebiao at 163 com

Available format(s): PDF | BibTeX Citation

Version: 20100409:144614 (All versions of this report)

Short URL: ia.cr/2010/181

Discussion forum: Show discussion | Start new discussion