{"title":"Cryptanalysis of password authentication system","authors":"S. Aboud, M. Al-Fayoumi","doi":"10.1109/CSIT.2014.6805972","DOIUrl":null,"url":null,"abstract":"The password authentication systems have been increasing in recent years. Therefore authors have been concentrated these days on introducing more password authentication systems. Thus, in 2011, Lee et al., presented an enhanced system to resolve the vulnerabilities of selected system. But, we notice that Lee et al., system is still weak to server attack and stolen smart card attack. Also, a password change protocol of the system is neither suitable to users nor low efficient. There is no handy data can be gained from the values kept in smart cards. Therefore, a stolen smart card attack can be blocked. To prevent server attack, we suggest transferring a user authentication operation from servers to a registration centre, which can guarantee every server, has another private key.","PeriodicalId":278806,"journal":{"name":"2014 6th International Conference on Computer Science and Information Technology (CSIT)","volume":"24 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-03-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2014 6th International Conference on Computer Science and Information Technology (CSIT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CSIT.2014.6805972","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2
Abstract
The password authentication systems have been increasing in recent years. Therefore authors have been concentrated these days on introducing more password authentication systems. Thus, in 2011, Lee et al., presented an enhanced system to resolve the vulnerabilities of selected system. But, we notice that Lee et al., system is still weak to server attack and stolen smart card attack. Also, a password change protocol of the system is neither suitable to users nor low efficient. There is no handy data can be gained from the values kept in smart cards. Therefore, a stolen smart card attack can be blocked. To prevent server attack, we suggest transferring a user authentication operation from servers to a registration centre, which can guarantee every server, has another private key.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
