A Simple Attack on a Recently Introduced Hash-Based Secure User Authentication Scheme
Küçük Resim Yok
Tarih
2006
Yazarlar
Dergi Başlığı
Dergi ISSN
Cilt Başlığı
Yayıncı
Int Journal Computer Science & Network Security-Ijcsns
Erişim Hakkı
info:eu-repo/semantics/closedAccess
Özet
User authentication is an important service in network security. Recently, several user authentication protocols have been proposed. However, a scheme which withstands all known attacks is not yet available. The Lee-Li-Hwang (LLH) authentication scheme [3] was proposed to circumvent the guessing attack in the Peyravian-Zunic (PZ) password scheme [6]. However, Yoon, Ryu, and Yoo (YRY) [9] discovered that the LLH scheme still suffers from the denial of service attack, and proposed an enhancement for the LLH scheme to solve its security problems. More recently, Ku, Chiang, and Chang (KCC) [2] demonstrated that the YRY scheme is vulnerable to the offline guessing and the stolen-verifier attacks. In this paper, we show that the YRY scheme is also vulnerable to the denial-ofservice attack. Furthermore, it was also claimed in [2] that the YRY scheme cannot achieve backward secrecy. We show in this paper that this claim is not entirely valid.
Açıklama
Anahtar Kelimeler
Hash function, user authentication, stolen-verifier attack, denial-of-service attack
Kaynak
International Journal Of Computer Science And Network Security
WoS Q Değeri
N/A
Scopus Q Değeri
Cilt
6
Sayı
5B
