A new method for using hash functions to solve remote user authentication

Authors:
Tzung-Her Chen;Wei-Bin Lee
Affiliations:
Department of Computer Science and Information Engineering, National Chiayi University, 300 University Road, Chiayi City, Taiwan 600, ROC;Department of Information Engineering, Feng Chia University, 100 Wenhwa Road, Seatwen Taichung, Taiwan 407, ROC
Venue:
Computers and Electrical Engineering
Year:
2008

Citing 9
Cited 7

A remote password authentication scheme based upon ElGamal's signature scheme

Computers and Security
“Paramita wisdom” password authentication scheme without verification tables

Journal of Systems and Software
Password authentication with insecure communication

Communications of the ACM
A remote user authentication scheme using hash functions

ACM SIGOPS Operating Systems Review
Weaknesses of Lee-Li-Hwang's hash-based password authentication scheme

ACM SIGOPS Operating Systems Review
A secure user authentication scheme using hash functions

ACM SIGOPS Operating Systems Review
Weaknesses of Yoon-Ryu-Yoo's hash-based password authentication scheme

ACM SIGOPS Operating Systems Review
Security of Improvement on Methods for Protecting Password Transmission

Informatica
A new remote user authentication scheme using smart cards

IEEE Transactions on Consumer Electronics

Enhanced password-based simple three-party key exchange protocol

Computers and Electrical Engineering
Weaknesses and improvement of Wang et al.'s remote user password authentication scheme for resource-limited environments

Computer Standards & Interfaces
A novel user-participating authentication scheme

Journal of Systems and Software
A novel mutual authentication scheme for USB storage devices

Proceedings of the 11th International Conference on Information Integration and Web-based Applications & Services
A user friendly authentication scheme with anonymity for wireless communications

Computers and Electrical Engineering
A secure user-friendly authentication scheme with anonymity for wireless communications

Proceedings of the 7th International Conference on Ubiquitous Information Management and Communication
A Biometric Authentication Scheme for Telecare Medicine Information Systems with Nonce

Journal of Medical Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

Recently, Peyravian and Zunic proposed the remote password authentication schemes only based on the collision-resistant hash function. The schemes are, therefore, easy to implement and simple to use. The attractive properties cause a series of discussion. Several security flaws are found and remedied. Unfortunately, most of the remedies either are insecure or violate the original advantages because of involving public-key cryptosystems or modular exponential operations. Hence, it is still a challenge to design a secure scheme abiding by the beneficial assumption of the Peyravian-Zunic schemes. The proposed scheme not only keeps the original advantages (user friendness and computational cheapness) but also highlights certain of valuable features, such as (1) mutual authentication (higher security level), (2) server's ignorance of users' passwords (further security guaranee to users, specially for financial services), (3) immunity from maintaining security-sensitive table (maintaining burden reduction to servers), and so forth.