International Association
for Cryptologic Research

The design of secure and efficient smart-card-based password authentication schemes remains a challenging problem today despite two decades of intensive research in the security community, and the current crux lies in how to achieve truly two-factor security even if the smart cards can be tampered. In this paper, we analyze two recent proposals in this area, namely, Hsieh-Leu\'s scheme and Wang\'s PSCAV scheme. We demonstrate that, under their non-tamper-resistance assumption of the smart cards, both schemes are still prone to offline dictionary attack, in which an attacker can obtain the victim\'s password when getting temporary access to the victim\'s smart card. This indicates that compromising a single factor (i.e., the smart card) of these two schemes leads to the downfall of both factors (i.e., both the smart card and the password), thereby invalidating their claim of preserving two-factor security. Remarkably, our attack on the latter protocol, which is not captured in Wang\'s original protocol security model, reveals a new and realistic attacking scenario and gives rise to the strongest adversary model so far (Note that Wang\'s PSCAV scheme is secure within its own but weak security model). In addition, we make the first attempt to explain why smart cards, instead of common cheap storage devices (e.g., USB sticks), are preferred in most two-factor authentication schemes for security-critical applications.