CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Comments on the S/KEY user authentication scheme
ACM SIGOPS Operating Systems Review
Strong password-only authenticated key exchange
ACM SIGCOMM Computer Communication Review
Password authentication with insecure communication
Communications of the ACM
Security enhancement for Optimal Strong-Password Authentication protocol
ACM SIGOPS Operating Systems Review
Optimal authentication protocols resistant to password guessing attacks
CSFW '95 Proceedings of the 8th IEEE workshop on Computer Security Foundations
Efficient protocols secure against guessing and replay attacks
ICCCN '95 Proceedings of the 4th International Conference on Computer Communications and Networks
A hash-based strong-password authentication scheme without using smart cards
ACM SIGOPS Operating Systems Review
Efficient and secure password authentication schemes for low-power devices
International Journal of Sensor Networks
A proactive wireless self-protection system
Proceedings of the 5th international conference on Pervasive services
A smart card based authentication protocol for strong passwords
ACOS'06 Proceedings of the 5th WSEAS international conference on Applied computer science
Efficient and secure password authentication schemes for low-power devices
MSN'05 Proceedings of the First international conference on Mobile Ad-hoc and Sensor Networks
Hi-index | 0.00 |
In 2001, Lin, Sun, and Hwang proposed a strong-password authentication protocol, OSPA, which was later found to be vulnerable to a stolen-verifier attack and a man-in-the-middle attack. Recently, Lin, Shen, and Hwang [10] proposed an improved protocol of OSPA and showed that the improved protocol can resist the guessing attack, the replay attack, the impersonation attack, and the stolen-verifier attack. Herein, we show that their protocol is still vulnerable to a replay attack and a denial-of-service attack.