You are looking at a specific version 20040216:095716 of this paper. See the latest version.

Paper 2004/040

Cryptanalysis of a timestamp-based password authentication scheme

Lizhen Yang, Kefei Chen

Abstract

Recently, J.-J. Shen, C.-W. Lin and M.-S. Hwang (Computers & Security, Vol 22, No 7, pp 591-595, 2003) proposed a modified Yang-Shieh scheme to enhance security. They claimed that their modified scheme can withstand the forged login attack and also provide a mutual authentication method to prevent the forged server attack. In this paper, we show that the Shen-Lin-Hwang scheme cannot resist the forged login attack either. The intruder is able to forge a valid forge request of a legitimate user Ui and then successfully impersonate him by intercepting a login request sent by Ui and registering a smart card.

Metadata
Available format(s)
PDF PS
Category
Cryptographic protocols
Publication info
Published elsewhere. unpublicized
Contact author(s)
yang-lz @ cs sjtu edu cn
History
2004-02-16: received
Short URL
https://ia.cr/2004/040
License
Creative Commons Attribution
CC BY
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.