Date Added: Dec 2009
In Public Wireless LANs (PWLANs), user anonymity is an essential issue. Recently, Juang et al. proposed an anonymous authentication and key exchange protocol using smart cards in PWLANs. They claimed that their proposed scheme provided identity privacy, mutual authentication, and half-forward secrecy. In this paper, the authors point out that Juang et al.'s protocol is vulnerable to the stolen-verifier attack and does not satisfy user anonymity.