Jiping Li
School of Computer and Information Science, Hubei Engineering University, Xiaogan, 432000, China
Zenggang Xiong
School of Computer and Information Science, Hubei Engineering University, Xiaogan, 432000, China
Yaoming Ding
School of Physics and Electronic Information Engineering, Hubei Engineering University, Xiaogan, 432000, China
Shouyin Liu
Department of Electronic and Information Engineering, Central China Normal University, Wuhan, 430079, China
ABSTRACT
Password authentication has been adopted as one of the most commonly used solutions in network environment to protect resources from unauthorized access. Due to its significance in building a secure communication channel, a number of password authentication protocols have been suggested over the past years. Among these schemes, Kim et al.s schemes are very novel. In the current work, we are concerned with the security of Kim et al.s schemes. We show that Kim et al.s schemes are vulnerable to a forgery attack in which an attacker can easily construct a forged login message to impersonate the legal user.
PDF References Citation
How to cite this article
Jiping Li, Zenggang Xiong, Yaoming Ding and Shouyin Liu, 2013. Cryptanalysis of Kim et als Two Password Authentication Schemes. Information Technology Journal, 12: 4513-4516.
DOI: 10.3923/itj.2013.4513.4516
URL: https://scialert.net/abstract/?doi=itj.2013.4513.4516
DOI: 10.3923/itj.2013.4513.4516
URL: https://scialert.net/abstract/?doi=itj.2013.4513.4516
REFERENCES
- Fan, L., J.H. Li and H.W. Zhu, 2002. An enhancement of timestamp-based password authentication scheme. Int. J. Comput. Secur., 21: 665-667.
CrossRefDirect Link - Kim, K.W., J.C. Jeon and K.Y. Yoo, 2005. An improvement on Yang et al.'s password authentication schemes. Int. J. Applied Math. Comput., 170: 207-215.
CrossRefDirect Link - Lamport, L., 1981. Password authentication with insecure communication. Commun. ACM, 24: 770-772.
CrossRefDirect Link - Shen, J.J., C.W. Lin and M.S. Hwang, 2003. Security enhancement for the timestamp-based password authentication scheme using smart cards. Int. J. Comput. Secur., 22: 591-595.
CrossRef - Sun, H.M. and H.T. Yeh, 2003. Further cryptanalysis of a password authentication scheme with smart cards. IEICE Trans. Commun., E86-B: 1412-1415.
Direct Link - Yang, C.C., H.W. Yang and R.C. Wang, 2004. Cryptanalysis of security enhancement for the timestamp-based password authentication scheme using smart cards. Int. J. IEEE Trans. Consum. Electr., 50: 578-579.
CrossRefDirect Link - Yang, C.C., R.C. Wang and T.Y. Chang, 2005. An improvement of the yang-shieh password authentication schemes. Int. J. Applied Math. Comput., 162: 1391-1396.
CrossRefDirect Link - Yang, W.H. and S.P. Shieh, 1999. Password authentication schemes with smart cards. Int. J. Comput. Secur., 18: 727-733.
Direct Link