You are looking at a specific version 20040216:095716 of this paper.
See the latest version.
Paper 2004/040
Cryptanalysis of a timestamp-based password authentication scheme
Lizhen Yang, Kefei Chen
Abstract
Recently, J.-J. Shen, C.-W. Lin and M.-S. Hwang (Computers & Security, Vol 22, No 7, pp 591-595, 2003) proposed a modified Yang-Shieh scheme to enhance security. They claimed that their modified scheme can withstand the forged login attack and also provide a mutual authentication method to prevent the forged server attack. In this paper, we show that the Shen-Lin-Hwang scheme cannot resist the forged login attack either. The intruder is able to forge a valid forge request of a legitimate user Ui and then successfully impersonate him by intercepting a login request sent by Ui and registering a smart card.
Metadata
- Available format(s)
- PDF PS
- Category
- Cryptographic protocols
- Publication info
- Published elsewhere. unpublicized
- Contact author(s)
- yang-lz @ cs sjtu edu cn
- History
- 2004-02-16: received
- Short URL
- https://ia.cr/2004/040
- License
-
CC BY