Advanced Search
Volume 34 Issue 09
Sep.  2008
Turn off MathJax
Article Contents
Journal of Beijing University of Aeronautics and Astronautics  > 2008  >  34(09): 1037-1040.
Hu Ronglei, Liu Jianwei, Zhang Qishanet al. Improvement of remote user authentication schemes using passwords[J]. Journal of Beijing University of Aeronautics and Astronautics, 2008, 34(09): 1037-1040. (in Chinese)
Citation: Hu Ronglei, Liu Jianwei, Zhang Qishanet al. Improvement of remote user authentication schemes using passwords[J]. Journal of Beijing University of Aeronautics and Astronautics, 2008, 34(09): 1037-1040. (in Chinese)
shu

Improvement of remote user authentication schemes using passwords

  • School of Electronics and Information Engineering, Beijing University of Aeronautics and Astronautics, Beijing 100191, China

  • Received Date: 27 Aug 2007
  • Publish Date: 30 Sep 2008
    Abstract
  • Password authentication scheme is a promising and practical solution to remote user authentication. The security of an authentication scheme using strong graphical passwords basing on hash function was analyzed. The scheme can not resist to stolen-verifier attack. The adversary can pretend to be a server to cheat a legal user to send him authentication message, and then it masquerades as a legal user by creating a valid login message, passes the authentication phase and gains the authority of a legitimate user without knowing user password. An enhanced scheme was proposed in which smart card is used for storing server authentication message. The server and user can authenticate each other. The adversary can personate neither server nor user and can not get useful login message from eavesdropped communication. The enhanced scheme can withstand replay attack, denial-of-service attack, password-guessing attack, forgery attack, password-file compromise attack and inside attack as the former scheme. It can also withstand stolen-verifier attack and smart card loss attack.

     

    • FullText(HTML)
  • loading
    • References(1)
  • [1] Lamport L. Password authentication with insecure communication[J]. Communication of ACM, 1981, 24:770-772 [2] Tsai Chwei-Shyong,Lee Cheng-Chi, Hwang Min-Shiang.Password authentication schemes-current status and key issues[J].International Journal of Network Security,2006,3(2):101-115 [3] Ku Wei-Chi, Tsaur Maw-Jinn. A remote user authentication scheme using strong graphical passwords 30th Annual IEEE Conference on Local Computer Networks (LCN 2005). Sydney, Australia: IEEE Computer Society, 2005:351-357 [4] Ku W C. A hash-based strong-password authentication scheme without using smart cards[J]. ACM Operating System Review, 2004, 38(1): 29-34 [5] Kim Minho. Cryptanalysis and enhancement of authentication protocols . Corvallis: Philosophy in Electrical and Computer Engineering of Oregon State University, 2006 [6] Chen T H, Lee W B, Horng G. Secure SAS-like password authentication schemes[J]. Computer Standards & Interfaces, 2004, 27: 25-31
    • Relative Articles
    • Supplements(0)
    • Cited By
  • 加载中

Catalog

    通讯作者: 陈斌, bchen63@163.com
    • 1. 

      沈阳化工大学材料科学与工程学院 沈阳 110142

    1. 本站搜索
    2. 百度学术搜索
    3. 万方数据库搜索
    4. CNKI搜索
    Get Citation
    PDF
    XML

    Article Metrics

    Article views(3161) PDF downloads(980) Cited by()
    Proportional views
    Related

    Copyright © Journal of Beijing University of Aeronautics and Astronautics

    Address: Editorial Department of Journal of Beijing University of Aeronautics and Astronautics, 37 Xueyuan Road, Haidian District, Beijing Post Code: 100191 Email: jbuaa@buaa.edu.cn

    Supported by: Beijing Renhe Information Technology Co., Ltd.  

    /

    DownLoad:  Full-Size Img  PowerPoint
    Return
    Return