A secure and efficient strong-password authentication protocol

Authors:
Ya-Fen Chang;Chin-Chen Chang
Affiliations:
National Chung Cheng University, Taiwan;National Chung Cheng University, Taiwan
Venue:
ACM SIGOPS Operating Systems Review
Year:
2004

Citing 8
Cited 5

Reducing risks from poorly chosen keys

SOSP '89 Proceedings of the twelfth ACM symposium on Operating systems principles
Augmented encrypted key exchange: a password-based protocol secure against dictionary attacks and password file compromise

CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Undetectable on-line password guessing attacks

ACM SIGOPS Operating Systems Review
Strong password-only authenticated key exchange

ACM SIGCOMM Computer Communication Review
Password authentication with insecure communication

Communications of the ACM
Security enhancement for optimal strong-password authentication protocol

ACM SIGOPS Operating Systems Review
Encrypted Key Exchange: Password-Based Protocols SecureAgainst Dictionary Attacks

SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
Provably secure password-authenticated key exchange using Diffie-Hellman

EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques

A Secure Strong-Password Authentication Protocol

Fundamenta Informaticae
Threshold password authentication against guessing attacks in Ad hoc networks

Ad Hoc Networks
A smart card based authentication protocol for strong passwords

ACOS'06 Proceedings of the 5th WSEAS international conference on Applied computer science
Remote authentication with forward security

ATC'06 Proceedings of the Third international conference on Autonomic and Trusted Computing
A Secure Strong-Password Authentication Protocol

Fundamenta Informaticae

Quantified Score

Hi-index	0.00

Visualization

Abstract

Password authentication protocols are divided into two types. One employs the easy-to-remember password while the other requires the strong password. In 2001, Lin et al. proposed an optimal strong-password authentication protocol (OSPA) to resist the replay attack and the denial-of-service attack. However, Chen and Ku pointed out that the OSPA protocol is vulnerable to the stolen-verifier attack. Hence, Lin et al. presented an enhancement in 2003. Nevertheless, mutual authentication is not ensured in Lin et al.'s protocol such that it suffers from the server spoofing attack. Moreover, Lin et al.'s protocol is also vulnerable to the denial-of-service attack. As a result, we present a secure strong-password authentication protocol in this paper to overcome their disadvantages.