Cryptology ePrint Archive: Report 2011/702
Comments of an efficient and secure multi-server authentication scheme with key agreement
Abstract: Recently, Tsaur et al. proposed an authentication scheme for multi-server environments and claimed their scheme could withstand various attacks. In this letter, we will point out that Tsaur et al. scheme is not suitable for multi-server environments since the user has to register for every server. Furthermore, we will show Tsaur et al. scheme is vulnerable to the password guessing attack and the privileged insider attack.
Category / Keywords: multi-server, password authentication protocol, smart card, password change, key agreement
Publication Info: The paper has not published.
Date: received 23 Dec 2011, last revised 1 Jan 2012
Contact author: chenyitao math at gmail com
Available formats: PDF | BibTeX Citation
Version: 20120102:022753 (All versions of this report)
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]