Comments on the S/KEY user authentication scheme
ACM SIGOPS Operating Systems Review
Password authentication with insecure communication
Communications of the ACM
A remote user authentication scheme using hash functions
ACM SIGOPS Operating Systems Review
Security enhancement for Optimal Strong-Password Authentication protocol
ACM SIGOPS Operating Systems Review
Weaknesses of Lee-Li-Hwang's hash-based password authentication scheme
ACM SIGOPS Operating Systems Review
Two simple attacks on Lin-Shen-Hwang's strong-password authentication protocol
ACM SIGOPS Operating Systems Review
Hi-index | 0.00 |
In 2001, Tseng, Jan, and Chien proposed an improved version of Peyravian-Zunic's password authentication scheme based on the Diffie-Hellman scheme. Later, Yang, Chang, and Hwang demonstrated that Tseng-Jan-Chien's scheme is vulnerable to a modification attack, and then described an improved scheme. In this paper, we show that Yang-Chang-Hwang's scheme is still vulnerable to a denial-of-service attack and a stolen-verifier attack. In addition, we also propose an improved scheme with better security.