ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
An improvement of security enhancement for the timestamp-based password authentication scheme using smart cards
Full text PdfPdf (443 KB)
Source ACM SIGOPS Operating Systems Review archive
Volume 38 ,  Issue 3  (July 2004) table of contents
Pages: 91 - 96  
Year of Publication: 2004
ISSN:0163-5980
Authors
Chou-Chen yang  Chaoyang University of Technology
Ren-Ching Wang  Chaoyang University of Technology
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 4,   Downloads (12 Months): 41,   Citation Count: 0
Additional Information:

abstract   references   index terms   collaborative colleagues  

Tools and Actions: Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1035834.1035845
What is a DOI?

ABSTRACT

Recently, Yang and Shieh proposed a timestamp-based and a nonce-based password authentication schemes. In 2002, Chan and Cheng pointed out that Yang and Shieh's timestamp-based password authentication scheme was vulnerable to the forgery attack. However, in 2003, Sun and Yeh pointed out that Chan and Cheng's attack was unreasonable. At the same time, Sun and Yeh pointed out that Yang and Shieh's password authentication schemes were still vulnerable to the forgery attack. Later Shen et al. proposed a modified scheme to resist Chan and Cheng's attack. In this paper, we shall point out that Shen et al.'s improvement is vulnerable to the forgery attack and find their scheme still cannot resist Sun and Yeh's attack. At the same time, we shall propose a solution to resist the above attacks.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
C. K. Chan and L. M. Cheng, "Cryptanalysis of a timestamp-based password authentication scheme," Comput. Secure., vol. 21, no. 1, pp. 74--76, 2002.
 
2
I. N. Herstein, "Topics in Algebra," Xerox Corporation, 1975.
 
3
Min-Shiang Hwang and Li-Hua Li, "A New Remote User Authentication Scheme Using Smart Cards," vol. 46, no. 1, pp. 28--30,2000.
4
Leslie Lamport, Password authentication with insecure communication, Communications of the ACM, v.24 n.11, p.770-772, Nov. 1981  [doi>10.1145/358790.358797]
5
Cheng-Chi Lee , Min-Shiang Hwang , Wei-Peng Yang, A flexible remote user authentication scheme using smart cards, ACM SIGOPS Operating Systems Review, v.36 n.3, p.46-52, July 2002  [doi>10.1145/567331.567335]
 
6
Jau-Ji Shen and Chih-Wei Lin and Min-Shiang Hwang, "Security enhancement for the timestamp-based password authentication scheme using smart cards," Computers & Security, vol. 22, no. 7, pp. 591--595, 2003.
 
7
H. M. Sun, "An Efficient Remote Use Authentication Scheme Using Smart Cards," IEEE Transactions on Consumer Electronics, vol. 46, no. 4, pp. 958--961, Nov. 2000.
 
8
H. M. SUN and H. T. YEH, "Further Cryptanalysis of a Password Authentication Scheme with Smart Cards," IEICE Trans. Commun., vol. E86-B, no. 4, pp. 1412--1415, Apr. 2003.
 
9
T. C. Wu, "Remote Login Authentication Scheme Based on a Geometric Approach," Computer Communications, vol. 18, no. 12, pp. 959--963, 1995.
 
10
W. H. Yang and S. P. Shieh, "Password Authentication Schemes With Smart Cards," Comput. Secur., vol. 18, no. 8, pp. 727--733, 1999.

INDEX TERMS

Keywords:
authentication, forgery attack, password, smart card

Collaborative Colleagues:
Chou-Chen yang: colleagues
Ren-Ching Wang: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player