Password authentication with insecure communication
Communications of the ACM
Research: Remote login authentication scheme based on a geometric approach
Computer Communications
A new remote user authentication scheme using smart cards
IEEE Transactions on Consumer Electronics
An efficient remote use authentication scheme using smart cards
IEEE Transactions on Consumer Electronics
| Hi-index | 0.01 |
Recently, Yang and Shieh proposed a timestamp-based and a nonce-based password authentication schemes. In 2002, Chan and Cheng pointed out that Yang and Shieh's timestamp-based password authentication scheme was vulnerable to the forgery attack. However, in 2003, Sun and Yeh pointed out that Chan and Cheng's attack was unreasonable. At the same time, Sun and Yeh pointed out that Yang and Shieh's password authentication schemes were still vulnerable to the forgery attack. Later Shen et al. proposed a modified scheme to resist Chan and Cheng's attack. In this paper, we shall point out that Shen et al.'s improvement is vulnerable to the forgery attack and find their scheme still cannot resist Sun and Yeh's attack. At the same time, we shall propose a solution to resist the above attacks.