You are viewing a javascript disabled version of the site. Please enable Javascript for this site to function properly.
Go to headerGo to navigationGo to searchGo to contentsGo to footer
In content section. Select this link to jump to navigation

Weaknesses and Improvements of Yang–Chang–Hwang's Password Authentication Scheme

Article type: Research Article

Authors: Ku, Wei‐Chi | Tsai, Hao‐Chuan

Affiliations: Department of Computer Science and Information Engineering, Fu Jen Catholic University, 510 Chung Cheng Road, Hsinchuang, Taipei County, Taiwan 242, R.O.C., e‐mail: [email protected]

Abstract: In 2001, Tseng, Jan, and Chien proposed an improved version of Peyravian–Zunic's password authentication scheme based on the Diffie–Hellman scheme. Later, Yang, Chang, and Hwang demonstrated that Tseng–Jan–Chien's scheme is vulnerable to a modification attack, and then described an improved scheme. In this paper, we show that Yang–Chang–Hwang's scheme is still vulnerable to a denial‐of‐service attack and a stolen‐verifier attack. In addition, we also propose an improved scheme with better security.

Keywords: password authentication, denial‐of‐service attack, stolen‐verifier attack

Journal: Informatica, vol. 16, no. 2, pp. 203-212, 2005

Received May 2004
|
Published: 2005
Price: EUR 27.50
Show more