Two simple attacks on Lin-Shen-Hwang's strong-password authentication protocol

Artigo

Two simple attacks on Lin-Shen-Hwang's strong-password authentication protocol

2003; Association for Computing Machinery; Volume: 37; Issue: 4 Linguagem: Inglês

10.1145/958965.958968

ISSN

1943-586X

Autores

Wei‐Chi Ku, Hao-Chuan Tsai, Shuai-Min Chen,

Tópico(s)

Biometric Identification and Security

Resumo

In 2001, Lin, Sun, and Hwang proposed a strong-password authentication protocol, OSPA, which was later found to be vulnerable to a stolen-verifier attack and a man-in-the-middle attack. Recently, Lin, Shen, and Hwang [10] proposed an improved protocol of OSPA and showed that the improved protocol can resist the guessing attack, the replay attack, the impersonation attack, and the stolen-verifier attack. Herein, we show that their protocol is still vulnerable to a replay attack and a denial-of-service attack.

Ver no editor

Altmetric

PlumX

Entrar

Lembrar minha senha

Receber meu e-mail de confirmação

Two simple attacks on Lin-Shen-Hwang's strong-password authentication protocol