Ya‐Fen Chang, Chin‐Chen Chang,
Password authentication protocols are divided into two types. One employs the easy-to-remember password while the other requires ... 2001, Lin et al. proposed an optimal strong-password authentication protocol (OSPA) to resist the replay attack and the ... As a result, we present a secure strong-password authentication protocol in this paper to overcome their disadvantages.
Tópico(s): Biometric Identification and Security
2004 - Association for Computing Machinery | ACM SIGOPS Operating Systems Review
Sandeep K. Sood, Anil K. Sarje, Kuldip Singh,
... paper, we propose an inverse cookie based virtual password authentication protocol that preserves the advantages of basic password authentication ... removes some of the deficiencies of previously suggested password based authentication protocols.
Tópico(s): Spam and Phishing Detection
2011 - | International journal of network security
Siqi Ma, Elisa Bertino, Surya Nepal, Juanru Li, Diethelm Ostry, Robert H. Deng, Sanjay Jha,
... users to remember, and simple to implement. The password authentication protocol transmits passwords in plaintext, which makes the authentication ... protect against this. However, we find that secure password authentication protocols are often implemented incorrectly in Android applications (apps). To detect the implementation flaws in password authentication code, we propose GLACIATE, a fully automated tool ...
Tópico(s): Digital and Cyber Forensics
2019 - Springer Science+Business Media | Lecture notes in computer science
Hsien-Chu Wu, Min‐Shiang Hwang, Chia-Hsin Liu,
... 2001, Lin et al. proposed the optimal strong-password authentication protocol, called (OSPA) which is a one-time password method by verifying with the different verifier every ...
Tópico(s): Cryptography and Data Security
2005 - IOS Press | Fundamenta Informaticae
Her‐Tyan Yeh, Hung–Min Sun, Tzonelih Hwang,
... enhanced version of the generalized key agreement and password authentication protocol, proposed by Kwon and Song (see IEICE Trans. Commun., vol.E83-B, no.9, p.2044-50, Sept. 2000), is insecure against off-line password guessing attacks.
Tópico(s): Biometric Identification and Security
2001 - IEEE Communications Society | IEEE Communications Letters
Chih‐Wei Lin, Jau-Ji Shen, Min‐Shiang Hwang,
... 2001, Lin et al. proposed an optimal strong-password authentication protocol called the OSAP protocol. However, Chen and Ku ...
Tópico(s): Cryptography and Data Security
2003 - Association for Computing Machinery | ACM SIGOPS Operating Systems Review
... Jeong-Won-Kim proposed a hash-based strong-password authentication protocol and claimed that the protocol is secure against ... attack. Furthermore, we present a secure hash-based password authentication protocol using smartcards to cope with the vulnerabilities. Security ...
Tópico(s): Biometric Identification and Security
2011 - Springer Science+Business Media | Lecture notes in computer science
Chih‐Wei Lin, Jau-Ji Shen, Min‐Shiang Hwang,
... 2001, Lin et al. proposed an optimal strong-password authentication protocol called the OSAP protocol. However, Chen and Ku ...
Tópico(s): Cryptography and Data Security
2003 - Association for Computing Machinery | ACM SIGOPS Operating Systems Review
Hanjae Jeong, Dongho Won, Seungjoo Kim,
... Kim-Koc proposed a secure hash-based strong-password authentication protocol using one-time public key cryptography. He claimed ...
Tópico(s): Cryptographic Implementations and Security
2010 - Institute of Information Science | Journal of information science and engineering
... security and management problems that occur in traditional password authentication protocols, research in recent decades has focused on smart card based password authentication. In this paper, we show that the improved smart card authentication scheme proposed by Xu-Zhu-Feng is vulnerable to internal and impersonation attacks. We propose an improvement of their solution, present a new efficient strong smart card authentication protocol, and demonstrate that the new protocol satisfies the ...
Tópico(s): Biometric Identification and Security
2010 - Elsevier BV | Computer Standards & Interfaces
Wei‐Chi Ku, Hao-Chuan Tsai, Shuai-Min Chen,
... 2001, Lin, Sun, and Hwang proposed a strong-password authentication protocol, OSPA, which was later found to be vulnerable ...
Tópico(s): Biometric Identification and Security
2003 - Association for Computing Machinery | ACM SIGOPS Operating Systems Review
Chandrashekhar Meshram, Sarita Gajbhiye Meshram, Rabha W. Ibrahim, Hamid A. Jalab, Sajjad Shaukat Jamal, Sharad Kumar Barve,
... been greater and greater demands for remote user password authentication protocols. In current ages, smartcard-based authentication protocol has ...
Tópico(s): Chaos-based Image/Signal Encryption
2021 - Springer Science+Business Media | Complex & Intelligent Systems
... password scheme. The Hwang-Yeh scheme comprises a password authentication protocol, a password change protocol, and can also provide key distribution. ...
Tópico(s): Biometric Identification and Security
2003 - Elsevier BV | Computers & Security
Cheng‐Chi Lee, Chia-Hsin Liu, Min‐Shiang Hwang,
Password authentication is the most important and convenient protocol for verifying users to get the system’s resources. Lin et al. had proposed an optimal strongpassword authentication protocol (OSPA) which is a onetime password method. It can protect against the replaying attacks, ...
Tópico(s): Biometric Identification and Security
2013 - | International journal of network security
... authentication key. We present and analyze several simple password authentication protocols in this scenario, and show that the security ... our analysis shows optimal resistance to off-line password guessing attacks under the choice of suitable public key encryption functions. In addition to user authentication, we describe ways to enhance these protocols to provide two-way authentication, authenticated key exchange, defense against server's compromise, and user anonymity. We complement these results with a proof that strongly indicates that public key techniques are unavoidable for password protocols that resist off-line guessing attacks. As a ...
Tópico(s): Biometric Identification and Security
1999 - Association for Computing Machinery | ACM Transactions on Information and System Security
... very important part of the security. Several strong-password authentication protocols have been introduced, but there is no fully secure authentication scheme that can resist all known attacks. We propose enhanced secure schemes with registration and login protocols, and add the forget password and password/verifier change protocols. We show that ...
Tópico(s): Biometric Identification and Security
2008 - Institute of Information Science | Journal of information science and engineering
Peng Wang, Yongdae Kim, Vishal Kher, Taekyoung Kwon,
... This paper presents a simple scheme that strengthens password-based authentication protocols and helps prevent online dictionary attacks as well ...
Tópico(s): Biometric Identification and Security
2005 - Springer Science+Business Media | Lecture notes in computer science
Fanbao Liu, Tao Xie, Yumeng Feng, Dengguo Feng,
... peers' PPPoE connections and negotiating for using the Password Authentication Protocol (PAP). We further propose an efficient password recovery attack against the Challenge‐Handshake Authentication Protocol (CHAP). We first recover the length of the used password through on‐line queries, based on the weakness ... pre‐processing. Then, we crack the known‐length password off‐line, using the probabilistic context‐free grammars. We point out that PPPoE cannot be used anymore until all of the weak authentication protocols including PAP, CHAP, and Microsoft CHAP are abolished ...
Tópico(s): Advanced Malware Detection Techniques
2012 - Hindawi Publishing Corporation | Security and Communication Networks
Tópico(s): IPv6, Mobility, Handover, Networks, Security
2004 - Institute of Electronics, Information and Communication Engineers | IEICE Transactions on Communications
Bin‐Tsan Hsieh, Hung–Min Sun, Tzonelih Hwang,
... auxiliary devices, such as smart card.A user authentication protocol via username and password should basically withstand the off-line password guessing ...
Tópico(s): Biometric Identification and Security
2003 - IOS Press | Informatica
Michael Szydlo, Burton S. Kaliski,
... models the basic security requirement for two-server password authentication protocols, and in this framework provides concrete security proofs ...
Tópico(s): User
2005 - Springer Science+Business Media | Lecture notes in computer science
Password-based authentication protocols are currently the conventional authentication protocols in many distributed systems. However, the security of these protocols ... Simple And Secure (SAS) protocol, the Optimal Strong-Password Authentication (OSPA) protocol, and the revised SAS protocols are examined in ...
Tópico(s): Cryptography and Data Security
2003 - Oxford University Press | The Computer Journal
... keys on demand from remote credential servers, using password authentication protocols that prevent password guessing attacks from the network. Ford and Kaliski’ ...
Tópico(s): Cryptography and Data Security
2001 - Springer Science+Business Media | Lecture notes in computer science
Xu Zhuang, Chin‐Chen Chang, Zhi‐Hui Wang, Yan Zhu,
Password authentication protocol is one of most important mechanisms to prevent resources from accessing by unauthorized users. Many password authentication schemes have been developed in last decades, and many of them are based on the use of smart ...
Tópico(s): Advanced Steganography and Watermarking Techniques
2014 - | International journal of network security
Taekyoung Kwon, Young-Ho Park, Hee Jung Lee,
... analyze and improve the security of the efficient password-based authentication protocol that has been proposed recently in the Australasian ...
Tópico(s): Cryptography and Data Security
2005 - IEEE Communications Society | IEEE Communications Letters
María Isabel González Vasco, Angel Perez del Pozo, Claudio Soriente,
... hybrid offspring of standard key exchange and anonymous password authentication protocols. \sf APAKEAPAKE allows a client holding a low-entropy password to establish a session key with a server, ...
Tópico(s): Cryptography and Data Security
2019 - IEEE Computer Society | IEEE Transactions on Dependable and Secure Computing
Tanmoy Maitra, Mohammad S. Obaidat, Ruhul Amin, SK Hafizul Islam, Shehzad Ashraf Chaudhry, Debasis Giri,
... vulnerabilities such as forgery attack and off‐line password‐guessing attack. To vanquish these loopholes, this article presents a robust authentication protocol for client‐server communication over any insecure networks. ...
Tópico(s): Cryptography and Data Security
2016 - Wiley | International Journal of Communication Systems
Tópico(s): Advanced
2000 - Institute of Electronics, Information and Communication Engineers | IEICE Transactions on Communications
Chia-Liang Lin, Ching-Po Hung,
... 2004, Tsuji and Shimizu proposed a one-time password authentication protocol, named 2GR (Two-Gene-Relation password authentication protocol). The design goal of the 2GR protocol is ... verifier attack on SAS-2 (Simple And Secure password authentication protocol, ver.2) and the theft attack on ROSI (RObust and SImple password authentication protocol). Tsuji and Shimizu claimed that in the 2GR ...
Tópico(s): User
2006 - Institute of Electronics, Information and Communication Engineers | IEICE Transactions on Communications
We outline an end-to-end password authentication protocol for the web designed to be stateless and as secure as possible given legacy limitations of the web browser and performance constraints ...
Tópico(s): Internet Traffic Analysis and Secure E-voting
2011 - Springer Science+Business Media | Lecture notes in computer science