[Resource Topic] 2009/610: Security Analysis of A Remote User Authentication Protocol by Liao and Wang

Welcome to the resource topic for 2009/610

Title:
Security Analysis of A Remote User Authentication Protocol by Liao and Wang

Authors: Dang Nguyen Duc, Kwangjo Kim

Abstract:

In Elsevier’s journal of Computer Standards & Interfaces, 2007, Liao and Wang proposed an authentication protocol using smart card and claimed that their protocol provides security against replay attacks, active attacks and insider attacks. In addition, they argued that user anonymity is guaranteed. In this paper, we point out that Liao-Wang protocol is vulnerable to an insider attack by presenting a simple method for a malicious server to impersonate any user authenticating to the server. We also demonstrate that user anonymity can be violated as colluding servers can easily track activities of users.

ePrint: https://eprint.iacr.org/2009/610

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .