CryptoDB
Cryptanalysis of a timestamp-based password authentication scheme
Authors: | |
---|---|
Download: | |
Abstract: | Recently, J.-J. Shen, C.-W. Lin and M.-S. Hwang (Computers & Security, Vol 22, No 7, pp 591-595, 2003) proposed a modified Yang-Shieh scheme to enhance security. They claimed that their modified scheme can withstand the forged login attack and also provide a mutual authentication method to prevent the forged server attack. In this paper, we show that the Shen-Lin-Hwang scheme cannot resist the forged login attack either. The intruder is able to forge a valid forge request of a legitimate user Ui and then successfully impersonate him by intercepting a login request sent by Ui and registering a smart card. |
BibTeX
@misc{eprint-2004-12016, title={Cryptanalysis of a timestamp-based password authentication scheme}, booktitle={IACR Eprint archive}, keywords={cryptographic protocols /}, url={http://eprint.iacr.org/2004/040}, note={unpublicized yang-lz@cs.sjtu.edu.cn 12462 received 13 Feb 2004}, author={Lizhen Yang and Kefei Chen}, year=2004 }