International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Comment on four two-party authentication protocols

Authors:
Yalin Chen
Jue-Sam Chou
Chun-Hui Huang
Download:
URL: http://eprint.iacr.org/2010/165
Search ePrint
Search Google
Abstract: In this paper, we analyze the protocols of Bindu et al., Goriparthi et al., Wang et al. and Hölbl et al.. After analyses, we found that Bindu et al.’s protocol suffers from the insider attack if the smart card is lost, both Goriparthi et al.’s and Wang et al.’s protocols can’t withstand the DoS attack on the password change phase which makes the password invalid after the protocol run, and Hölbl et al.’s protocol is vulnerable to the insider attack since a malevolent legal user can deduce KGC’s secret key xs.
BibTeX
@misc{eprint-2010-23066,
  title={Comment on four two-party authentication protocols},
  booktitle={IACR Eprint archive},
  keywords={cryptographic protocols / password authentication protocol, insider attack, denial-of-service attack, smart card lost problem, mutual authentication, man-in-the-middle attack},
  url={http://eprint.iacr.org/2010/165},
  note={ jschou@mail.nhu.edu.tw 14696 received 27 Mar 2010},
  author={Yalin Chen and Jue-Sam Chou and Chun-Hui Huang},
  year=2010
}