A new strong-password authentication scheme using one-way hash functions
Rent the article at a discountRent now
* Final gross prices may vary according to local VAT.Get Access
Recently, Sandirigama et al. have proposed an authentication scheme by the name of SAS and have claimed that it has the lowest storage, processing, and transmission overhead. In 2001, Lin et al. showed that the protocol is insecure and proposed an optimal strong-password authentication protocol called the OSPA protocol. However, Chen and Ku pointed out that both SAS and OSPA are vulnerable to stolen-verifier attack in 2002. Later, Lin, Shen, and Hwang proposed a modified OSPA protocol to repair the security law of OSPA protocol. In this paper, we propose a new strong-password authentication protocol that not only can withstand many possible attacks including a stolen-verifier attack, but that is also more efficient than the modified OSPA protocol.
- Chan Chi-Kwong and L. M. Cheng, “Cryptanlysis of Timestamp-Based Password Authentication Scheme,” Computers and Security 21(1) (2002).
- Chien Hung-Yu, Jan Jinn-Ke, and Tseng Yuh-Min, “A Modified Remote Login Authentication Scheme Based on Geometric Approach,” Systems and Software 55 (2001).
- Hwang Min-Shiang, “A Remote Password Authentication Scheme Based on the Digital Signature Method,” International Computer Mathematics 70 (1999).
- Hwang Min-Shiang, Lee Cheng-Chi, and Tang Yuan-Liang, “An Improvement of SPLICE/AS in WIDE Against Guessing Attack,” International Informatica 12(2) (2001).
- Lee Cheng-Chi, Hwang Min-Shiang, and Yang Wei-Pang, “A Flexible Remote User Authentication Scheme Using Smart Cards,” ACM Operating Systems Review 36(3) (2002).
- Lee Cheng-Chi, Li Li-Hua, and Hwang Min-Shiang, “A Remote User Authentication Scheme Using Hash Functions,” ACM Operating Systems Review 36(4) (2002).
- Li Li-Hua, Lin Iuon-Chung, and Hwang Min-Shiang, “A Remote Password Authentication Scheme for Multi-Server Architecture Using Neural Networks,” IEEE Trans. Neural Networks 12(6) (2001).
- Tang Yuan-Liang, Hwang Min-Shiang, and Lee Cheng-Chi, “A Simple Remote User Authentication Scheme,” Mathematical and Computer Modelling 36 (2002).
- Shen Jau-Ji, Lin Chih-Wei, and Hwang Min-Shiang, “A Modified Remote User Authentication Scheme Using Smart Cards Accepted and to Appear in IEEE Trans,” Consumer Electronics (2003).
- W. H. Yang and S. P. Shieh, “Password Authentication Schemes with Smart Cards,” Computers and Security 18(8) (1999).
- M. Sandirigama, A. Shimizu, and M. T. Noda, “Simple and Secure Password Authentication Protocol (Sas),” IEICE Trans. Communications E83-B (2000).
- C. L. Lin, H. M. Sun, and T. Hwang, “Attacks and Solutions on Strong-Password Authentication,” IEICE Trans. Communications E84-B (2001).
- Chen Chien-Ming and Ku Wei-Chi, “Stolen-Verifier Attack on Two New Strong-Password Authentication Protocols,” IEICE Trans. Communications E85-B (2002).
- Lin Chih-Wei, Shen Jau-Ji, and Hwang Min-Shiang, “Security Enhancement for Optimal Strong-Password Authentication Protocol,” ACM Operating Systems Review 37(2) (2003).
- A new strong-password authentication scheme using one-way hash functions
Journal of Computer and Systems Sciences International
Volume 45, Issue 4 , pp 623-626
- Cover Date
- Print ISSN
- Online ISSN
- Additional Links