Security

Analysis and Improvement of a User Authentication Improved Protocol

Free registration required

Executive Summary

Remote user authentication always adopts the method of password to login the server within insecure network environments. Recently, Peyravin and Jeffries proposed a practical authentication scheme based on one-way collision-resistant hash functions. However, Shim and Munilla independently showed that the scheme is vulnerable to off-line guessing attacks. In order to remove the weakness, H?lbl, Welzer and Brumenn presented an improved secure password-based protocols for remote user authentication, password change and session key establishment. Unfortunately, the remedies of their improved scheme cannot work. The improved scheme still suffers from the off-line attacks.

  • Format: PDF
  • Size: 451.98 KB