- 期刊
Weaknesses of a Remote User Password Authentication Scheme Using Smart Card
並列摘要
Remote authentication is a method to authenticate remote users over insecure communication channel. Password-based authentication schemes have been widely deployed to verify the legitimacy of remote users. Very recently, Hsiang et al. pointed out that Yoon et al's scheme is vulnerable to parallel session attack, masquerading at- tack and password guess attack. They proposed an improved scheme to remedy these pitfalls. They claimed their scheme can against parallel session attack, masquerading attack and password guess attack. However, we find that Hsiang et al.'s scheme is vulnerable password guess attack, masquerading user attack and masquerading server attack.
延伸閱讀
- 廖鴻圖、林建福、蕭麗齡、鄭惠菱(2007)。A Password-based Authentication Scheme Using Smart Cards。資訊管理學報,14(3),179-196。https://doi.org/10.6382/JIM.200707.0179
- He, D., Chen, J., & Hu, J. (2012). Improvement on a Smart Card Based Password Authentication Scheme. 網際網路技術學刊, 13(3), 405-409. https://doi.org/10.6138/JIT.2012.13.3.04
- Cheng, Z. Y., Liu, Y., Chang, C. C., & Chang, S. C. (2012). An Improved Protocol for Password Authentication Using Smart Cards. 電腦學刊, 22(4), 28-37. https://www.airitilibrary.com/Article/Detail?DocID=19911599-201202-201203030082-201203030082-27-36
- Liu, Y. J., Chang, C. C., & Chang, S. C. (2016). An Efficient and Secure Smart Card Based Password Authentication Scheme. International Journal of Network Security, (), 1-10. https://doi.org/10.6633/IJNS.201701.19(1).01
- Liu, Y., Chang, C. C., & Chang, S. C. (2017). An Efficient and Secure Smart Card Based Password Authentication Scheme. International Journal of Network Security, 19(1), 1-10. https://doi.org/10.6633/IJNS.201701.19(1).01