International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Paper: Cryptanalysis of a timestamp-based password authentication scheme

Authors:
Lizhen Yang
Kefei Chen
Download:
URL: http://eprint.iacr.org/2004/040
Search ePrint
Search Google
Abstract: Recently, J.-J. Shen, C.-W. Lin and M.-S. Hwang (Computers & Security, Vol 22, No 7, pp 591-595, 2003) proposed a modified Yang-Shieh scheme to enhance security. They claimed that their modified scheme can withstand the forged login attack and also provide a mutual authentication method to prevent the forged server attack. In this paper, we show that the Shen-Lin-Hwang scheme cannot resist the forged login attack either. The intruder is able to forge a valid forge request of a legitimate user Ui and then successfully impersonate him by intercepting a login request sent by Ui and registering a smart card.
BibTeX
@misc{eprint-2004-12016,
  title={Cryptanalysis of a timestamp-based password authentication scheme},
  booktitle={IACR Eprint archive},
  keywords={cryptographic protocols /},
  url={http://eprint.iacr.org/2004/040},
  note={unpublicized yang-lz@cs.sjtu.edu.cn 12462 received 13 Feb 2004},
  author={Lizhen Yang and Kefei Chen},
  year=2004
}