Welcome to the resource topic for 2009/560
Title:
On the Security Vulnerabilities of a Hash Based Strong Password Authentication Scheme
Authors: Manoj Kumar
Abstract:User authentication is an essential task for network security. To serve this purpose,in the past years, several strong password authentication schemes have been proposed, but none of them probably withstand to known security threats. In 2004, W. C. Ku proposed a new hash based strong password authentication scheme and claimed that the proposed scheme withstands to replay, password fie compromise, denial of service and insider attack. This paper analyzes W. C. Ku’s scheme and found that the proposed scheme does not support mutual authentication, session key generation phase for secure communication. In addition, in W. C. Ku’s scheme, the user is not free to change his password. However, in this paper, we show that W. C. Ku’s scheme is still vulnerable to insider, man in the middle, password guessing, replay, impersonation, stolen verifier and denial of service attacks.
ePrint: https://eprint.iacr.org/2009/560
See all topics related to this paper.
Feel free to post resources that are related to this paper below.
Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.
For more information, see the rules for Resource Topics .