ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Cryptanalysis of a user authentication scheme using hash functions
Full text PdfPdf (301 KB)
Source ACM SIGOPS Operating Systems Review archive
Volume 38 ,  Issue 1  (January 2004) table of contents
Pages: 24 - 28  
Year of Publication: 2004
ISSN:0163-5980
Authors
Sung-Woon Lee  Kyungpook National University Taegu, Korea
Hyun-Sung Kim  Kyungil University Kyungsansi, Kyungsangpookdo, Korea
Kee-Young Yoo  Kyungpook National University Taegu, Korea
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 3,   Downloads (12 Months): 35,   Citation Count: 0
Additional Information:

abstract   references   index terms   collaborative colleagues  

Tools and Actions: Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/974104.974106
What is a DOI?

ABSTRACT

Recently, Lee et al. proposed an improved scheme, called LLH scheme, to solve a security problem of guessing attack in the Peyravian-Zunic password scheme. The scheme comprises a password authentication protocol and a password change protocol. However, we discuss that the LLH scheme has several security problems: the scheme is still vulnerable to the guessing attack; the scheme cannot also prevent the stolen-verifier attack; the password change protocol in scheme is vulnerable to a denial of service attack.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
C. C. Chang and S. J. Hwang, "Using smart cards to authenticate remote passwords," Computers and Mathematics with Applications, vol. 26, no. 7, pp. 19--27, 1993.
 
2
Chin-Chen Chang , Wen-Yuan Liao, A remote password authentication scheme based upon ElGamal's signature scheme, Computers and Security, v.13 n.2, p.137-144, April 1994  [doi>10.1016/0167-4048(94)90063-9]
 
3
Min-Shiang Hwang, "Cryptanalysis of remote login authentication scheme," Computer Communications, vol. 22, no. 8, pp. 742--744, 1999.
 
4
Min-Shiang Hwang, "A remote password authentication scheme based on the digital signature method," International Journal of Computer Mathematics, vol. 70, pp. 657--666, 1999.
 
5
Min-Shiang Hwang and L. H. Li, "A new remote user authentication scheme using smart cards," IEEE Transactions on Consumer Electronics, vol. 46, no. 1, pp. 28--30, 2000.
6
Cheng-Chi Lee , Min-Shiang Hwang , Wei-Peng Yang, A flexible remote user authentication scheme using smart cards, ACM SIGOPS Operating Systems Review, v.36 n.3, p.46-52, July 2002  [doi>10.1145/567331.567335]
 
7
M. Peyravian and N. Zunic, "Methods for protecting password transmission," Computers & Security, vol. 19, no. 5, pp. 466--469, 2000.
8
Cheng-Chi Lee , Li-Hua Li , Min-Shiang Hwang, A remote user authentication scheme using hash functions, ACM SIGOPS Operating Systems Review, v.36 n.4, p.23-29, October 2002  [doi>10.1145/583800.583803]

INDEX TERMS

Keywords:
authentication, cryptography, guessing attack, hash function, password

Collaborative Colleagues:
Sung-Woon Lee: colleagues
Hyun-Sung Kim: colleagues
Kee-Young Yoo: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player