Security

New Robust Protocols for Remote User Authentication and Password Change

Download Now Free registration required

Executive Summary

In 2008, Holbl et al. proposed improvements of Peyravian and Jeffries's DH (Diffie-Hellman)-based authentication protocol and password change protocol that can withstand the Shim's and Munilla et al.'s proposed off-line password guessing at-tacks. However, the authors found out that their protocols are still susceptible to off-line password guessing attacks and do not secure against stolen-verifier attacks. Accordingly, this paper shows the vulnerability of Holbl et al.'s improved protocols to off-line password guessing attacks and stolen-verifier attacks and then proposes new robust protocols for remote user authentication and password change to resolve such problems.

  • Format: PDF
  • Size: 156.54 KB