XIE Qi,CHEN De-ren,YU Xiu-yuan

IF: 2.034

2010-01-01

Systems Engineering

Abstract:In 2009, Park, et al. proposed an efficient remote user authentication protocol. They claimed that their protocol was the first password and smart card based remote user authentication scheme which can resist the off-line password guessing attack, and had many advantages over existing solutions such as no password tables and timestamp, low communication and computational costs. However, this paper shows that their protocol cannot resist the forgery attack and off-line password guessing attack. To overcome the security weaknesses, two improved schemes based on either nonce or timestamp without affecting the merits of the Park, et al. scheme are proposed. Technical discussions are provided to show that the improved protocol is secure, efficient and practical.

Yalin Chen,Jue-Sam Chou*,Chun-Hui Huang

DOI: https://doi.org/10.48550/arXiv.1007.0060

2010-07-01

Abstract:In this paper, we analyze four authentication protocols of Bindu et al., Goriparthi et al., Wang et al. and Hölbl et al.. After investigation, we reveal several weaknesses of these schemes. First, Bindu et al.'s protocol suffers from an insider impersonation attack if a malicious user obtains a lost smart card. Second, both Goriparthi et al.'s and Wang et al.'s protocols cannot withstand a DoS attack in the password change phase, i.e. an attacker can involve the phase to make user's password never be used in subsequent authentications. Third, Hölbl et al.'s protocol is vulnerable to an insider attack since a legal but malevolent user can deduce KGC's secret key.

Cryptography and Security

Ding Wang,Chun-guang Ma,De-li Gu,Zhen-shan Cui

DOI: https://doi.org/10.1007/978-3-642-34601-9_35

2012-01-01

Abstract:In NSS'10, Shao and Chin pointed out that Hsiang and Shih's dynamic ID-based remote user authentication scheme for multi-server environment has several security flaws and further proposed an improved version which is claimed to be efficient and secure. In this study, however, we will demonstrate that Shao-Chin's scheme still cannot achieve the claimed security goals, and we report its following flaws: (1) It cannot withstand offline password guessing attack under their non-tamper resistance assumption of the smart card; (2) It fails to provide user anonymity; (3) It is prone to user impersonation attack. More recently, Li et al. found that Sood et al.'s dynamic ID-based authentication protocol for multi-server architecture is still vulnerable to several kinds of attacks and presented a new scheme that attempts to overcome the identified weaknesses. Notwithstanding their ambitions, Li et al.'s scheme is still found vulnerable to various known attacks by researchers. In this study, we perform a further cryptanalysis and uncover its two other vulnerabilities: (1) It cannot achieve user anonymity, which is the essential goal of a dynamic ID-based scheme; (2) It is susceptible to offline password guessing attack. The proposed cryptanalysis discourages any use of the two schemes under investigation in practice and reveals some subtleties and challenges in designing this type of schemes.

HM Sun,HT Yeh

2003-01-01

IEICE Transactions on Communications

Abstract:Following the developments in the use of ID-based schemes and smart cards, Yang and Shieh proposed two password authentication schemes to achieve two purposes: (1) to allow users to choose and change their passwords freely, and (2) to make it unnecessary for the remote server to maintain a directory of passwords or a verification table to authenticate users. Recently, Chan and Cheng showed that Yang and Shieh's timestamp-based password authentication scheme is insecure against forgery. In this paper, we point out that Chan and Cheng's forgery attack can not work. Thus, we further examine the security of Yang and Shieh's password authentication schemes and find that they are insecure against forgery because one adversary can easily pretend to be a valid user and pass the server's verification which allows the adversary to login to the the remote server.

Dheerendra Mishra,Ankita Chaturvedi,Sourav Mukhopadhyay

DOI: https://doi.org/10.48550/arXiv.1312.4793

2013-12-17

Abstract:The smart card based authentication protocols try to ensure secure and authorized communication between remote entities. In 2012, Wei et al. presented an improvement of Wu et al.'s two-factor authentication scheme for TMIS which is proven vulnerable to off-line password guessing attack by Zhu. Zhu also proposed a modified scheme to overcome with weakness of Wei et al.'s scheme, although Lee and Liu showed the failure of his scheme to resist parallel session attacks. Moreover, Lee and Liu introduced an improved scheme. We analyze Wei et al.'s, Zhu's and Lee and Liu's schemes and identify that none of the schemes resist on-line password guessing attack. Moreover, these schemes do not present efficient login and password chance phase. We also show that how inefficient password change phase causes denial of service attack. Further, we propose an improved password based remote user authentication scheme with the aim to eliminate all the drawbacks of previously presented schemes.

Cryptography and Security

Chunguang Ma,Ding Wang,Sendong Zhao

DOI: https://doi.org/10.1002/dac.2468

2014-01-01

International Journal of Communication Systems

Abstract:Understanding security failures of cryptographic protocols is the key to both patching existing protocols and designing future schemes. In this paper, we analyze two recent proposals in the area of password-based remote user authentication using smart cards. First, we point out that the scheme of Chen et al. cannot achieve all the claimed security goals and report its following flaws: (i) it is vulnerable to offline password guessing attack under their nontamper resistance assumption of the smart cards; and (ii) it fails to provide forward secrecy. Then, we analyze an efficient dynamic ID-based scheme without public-key operations introduced byWen and Li in 2012. This proposal attempts to overcome many of the well-known security and efficiency shortcomings of previous schemes and supports more functionalities than its counterparts. Nevertheless, Wen-Li's protocol is vulnerable to offline password guessing attack and denial of service attack, and fails to provide forward secrecy and to preserve user anonymity. Furthermore, with the security analysis of these two schemes and our previous protocol design experience, we put forward three general principles that are vital for designing secure smart-card-based password authentication schemes: (i) public-key techniques are indispensable to resist against offline password guessing attack and to preserve user anonymity under the nontamper resistance assumption of the smart card; (ii) there is an unavoidable trade-off when fulfilling the goals of local password update and resistance to smart card loss attack; and (iii) at least two exponentiation (respectively elliptic curve point multiplication) operations conducted on the server side are necessary for achieving forward secrecy. The cryptanalysis results discourage any practical use of the two investigated schemes and are important for security engineers to make their choices correctly, whereas the proposed three principles are valuable to protocol designers for advancing more robust schemes. Copyright (C) 2012 John Wiley & Sons, Ltd.

Jeremy Jean,Ivica Nikolic,Yu Sasaki,Lei Wang

DOI: https://doi.org/10.1007/978-3-319-13051-4_14

2014-01-01

Abstract:We present two practical attacks on the CAESAR candidate PAES. The first attack is a universal forgery for any plaintext with at least 240 bytes. It works for the nonce-repeating variant of PAES and in a nutshell it is a state recovery based on solving differential equations for the S-box leaked throught the ciphertext that arise when the plaintext has a certain difference. We show that to produce the forgery based on this method the attacker needs only 2(11) time and data. The second attack is a distinguisher for 2(64) out of 2(128) keys that requires negligible complexity and only one pair of known plaintext-ciphertext. The attack is based on the lack of constants in the initialization of the PAES which allows to exploit the symmetric properties of the keyless AES round. Both of our attacks contradict the security goals of PAES.

Xiong Li,Saru Kumari,Muhammad Khurram Khan,Junguo Liao,Wei Liang

DOI: https://doi.org/10.1109/isbast.2014.7013106

2014-01-01

Abstract:User authentication is an important security issue for network based services. Multi-server authentication scheme resolves the repeated registration problem of single-server authentication scenario where the user has to register at different servers to access different types of network services. Recently, Pippal et al. proposed a smart card authentication scheme for multi-server architecture. They claimed that their scheme has some advantages and can resist kinds of attacks. In this paper, we analyze the weaknesses of Pippal et al.'s scheme, and point out that their scheme cannot provide correct authentication, cannot resist impersonation attack, stolen smart card attack, and insider attack. Besides, their scheme is non-extensible when a new server added into the system.

Xinjie Zhao,Shize Guo,Fan Zhang,Tao Wang,Zhijie Shi,Huiying Liu,Keke Ji,Jing Huang

DOI: https://doi.org/10.1016/j.jss.2012.11.007

IF: 3.5

2013-01-01

Journal of Systems and Software

Abstract:The side-channel cube attack (SCCA) is a powerful cryptanalysis technique that combines the side-channel and cube attack. This paper proposes several advanced techniques to improve the Hamming weight-based SCCA (HW-SCCA) on the block cipher PRESENT. The new techniques utilize non-linear equations and an iterative scheme to extract more information from leakage. The new attacks need only 2^8^.^9^5 chosen plaintexts to recover 72 key bits of PRESENT-80 and 2^9^.^7^8 chosen plaintexts to recover 121 key bits of PRESENT-128. To the best of our knowledge, these are the most efficient SCCAs on PRESENT-80/128. To show the feasibility of the proposed techniques, real attacks have been conducted on PRESENT on an 8-bit microcontroller, which are the first SCCAs on PRESENT on a real device. The proposed HW-SCCA can successfully break PRESENT implementations even if they have some countermeasures such as random delay and masking.

R Jiang,L Pan,JH Li

DOI: https://doi.org/10.1016/j.cose.2004.04.002

IF: 5.105

2004-01-01

Computers & Security

Abstract:In this paper, we present further analysis of Yang–Shieh's password authentication schemes. At first, we formally analyze Yang–Shieh's two password authentication schemes on the basis of authentication tests to disclose the insecurity of the two schemes, and then give two kind of examples, one is our attack to the nonce-based scheme and the other is Chan–Cheng's attack (Comput Secur 21 (2002) 74) and Fan–Li–Zhu's attack (Comput Secur 21 (2002) 665) to the timestamp-based scheme. Secondly, we propose an amendment of the timestamp-based scheme to withstand the attacks of Chan–Cheng and Fan–Li–Zhu, and propose our improved nonce-based scheme. Finally, we formally analyze our two improved schemes with the authentication tests, and prove they are secure in password authentication. Our improved schemes preserve the merits of Yang–Shieh's schemes, and the improved timestamp-based scheme can withstand the attacks of Chan–Cheng and Fan–Li–Zhu, and the improved nonce-based scheme is able to prevent malicious replay attacks in the network without synchronized clock or with long transmission delay.

Ding Wang,Chunguang Ma,Sendong Zhao,ChangLi Zhou

DOI: https://doi.org/10.1007/978-3-642-35606-3_13

2012-01-01

Abstract:Understanding security failures of cryptographic protocols is the key to both patching existing protocols and designing future schemes. Recently, Yeh et al. showed that Hsiang and Shih's password-based remote user authentication scheme is vulnerable to various attacks if the smart card is nontamper resistant, and proposed an improved version which was claimed to be efficient and secure. In this study, however, we find that, although Yeh et al.'s scheme possesses many attractive features, it still cannot achieve the claimed security goals, and we report its following flaws: (1) It cannot withstand offline password guessing attack and key-compromise impersonation attack under their non-tamper resistance assumption of the smart card; (2) It fails to provide user anonymity and forward secrecy; (3) It has some other minor defects. The proposed cryptanalysis discourages any use of the scheme under investigation in practice. Remarkably, rationales for the security analysis of password-based authentication schemes using smart cards are discussed in detail. © IFIP International Federation for Information Processing 2012.

Juan E. Tapiador,Julio C. Hernandez-Castro,P. Peris-Lopez,John A. Clark

DOI: https://doi.org/10.48550/arXiv.1111.2744

2011-11-11

Abstract:Song \cite{Song10} proposed very recently a password-based authentication and key establishment protocol using smart cards which attempts to solve some weaknesses found in a previous scheme suggested by Xu, Zhu, and Feng \cite{XZF09}. In this paper, we present attacks on the improved protocol, showing that it fails to achieve the claimed security goals.

Cryptography and Security

Limin Guo,Lihui Wang,Qing Li,Jun Yu,Peng Luo

DOI: https://doi.org/10.1109/cis.2015.92

2015-01-01

Abstract:Dynamic password technology is widely utilized for identity authentication, which depends on using hash functions, such as SM3. And SM3 hash algorithm is based on the mixing of different group operations, such as XOR and addition modulo 232. In this paper, we present two original first-order differential power analysis attacks on dynamic password token based on SM3 algorithm. The two proposed DPA attacks are against XOR and addition modulo 232 operation respectively. Experimental results show that dynamic password token based on SM3 algorithm is vulnerable to side channel attacks, no matter implemented in software or hardware. We also provide a masked implementation of the algorithm, which is designed to avoid those proposed attacks.

Jie Liu,Lei Fan,Jianhua Li

DOI: https://doi.org/10.1145/1501434.1501509

2006-01-01

Abstract:Yang and Shieh proposed two password authentication schemes based on smart cards. The best merit of their schemes is that the remote server can verify a login user without any prior knowledge except a login request message. Unfortunately, some security weaknesses had been found and kinds of attacks were presented later. Although some improvements were proposed to fix those weaknesses, part of these improvements need the remote server to maintain verification tables and the other improvements were proved insecure either. In this paper, we will propose two improved schemes that can withstand all existed attacks while keeping the best merit of the original schemes. The remote server in our improved schemes is still able to verify a login user only by a request message.

Yu Sasaki,Lei Wang,Kazuo Ohta,Noboru Kunihiro

DOI: https://doi.org/10.1587/transfun.e92.a.96

2009-01-01

Abstract:In this paper, we propose password recovery attacks against challenge-response authentication protocols. Our attacks use a message difference for a MD5 collision attack proposed in IEICE 2008. First, we show how to efficiently find a message pair that collides with the above message difference. Second, we show that a password used in authenticated post office protocol (APOP) can be recovered practically. We also show that the password recovery attack can be applied to a session initiation protocol (SIP) and digest authentication. Our attack can recover up to the first 31 password characters in a short time and up to the first 60 characters faster than the naive search method. We have implemented our attack and confirmed that 31 characters can be successfully recovered.

Dheerendra Mishra,Sourav Mukhopadhyay

DOI: https://doi.org/10.48550/arXiv.1309.5255

2013-09-20

Abstract:Remote user authentication is desirable for a Telecare medicine information system (TMIS) to verify the correctness of remote users. In 2013, Jiang et al. proposed privacy preserving authentication scheme for TMIS. Recently, Wu and Xu analyzed Jiang's scheme and identify serious security flaws in their scheme, namely, user impersonation attack, DoS attack and off-line password guessing attack. In this article, we analyze Wu and Xu's scheme and show that their scheme is also vulnerable to off-line password guessing attack and does not protect user anonymity. Moreover, we identify the inefficiency of incorrect input detection of the login phase in Wu and Xu's scheme, where the smart card executes the login session in-spite of wrong input.

Cryptography and Security

Baoyuan Kang,Jinguang Han,Qingju Wang

DOI: https://doi.org/10.1109/ICCET.2010.5486299

2010-01-01

Abstract:Wang et al. presented a remote password authentication scheme using IC (integrated Circuit)cards in 2004. Recently, Cheng et al. pointed that the Wang et al.'s scheme is unable to withstand the forgery attack. They consequently proposed a novel version to resist the forgery attack. Although Cheng et al. claimed that their scheme is secure against all known attacks and more practical in application than other IC-card-based authentication schemes, in this paper, we show that Cheng et al. scheme is vulnerable to the guessing attack, parallel session attack and key-compromise attack. To remedy these flaws, this paper proposes an improvement over Cheng et al. scheme with more security.

Tianjie Cao,Yong Zhang

2008-01-01

Journal of Information and Computational Science

Abstract:The efficient password-based authentication (EPA) protocol was proposed by Hwang et al.. Recently, Kwon et al. pointed out that EPA is vulnerable to server compromise, and then they proposed an improved EPA protocol. In this paper, we show that the server compromise attacks also exist in the improved EPA protocol. We also propose a modification method to eliminate this weakness. 1548-7741/Copyright © 2008 Binary Information Press October 2008.

QIAN Yong,ZHANG Yong,BAI Yingcai

DOI: https://doi.org/10.3969/j.issn.1000-3428.2001.03.008

2001-01-01

Abstract:An approach which made use of running modes of two-party cryptographic protocols to analyze protocols was put forwarded in [1]. Through some counter-examples, we found flaws in the approach. In this paper, an efficient method is developed, which matchs faked messages with received set of attacks,messages in other run of protocol. Using the method, we found holes of some cryptographic protocols successly.

Limin Guo,Qing Li,Lihui Wang,Zhimin Zhang,Dan Liu,Weijun Shan

DOI: https://doi.org/10.2991/iset-15.2015.28

2015-01-01

Abstract:Dynamic password technology is one of the most widely utilized methods for identity authentication. The security of dynamic password system depends on the cryptographic strength of the underlying hash function. And SM3 is the only standard hash algorithm of China. However, most cryptographic algorithm implementations are vulnerable against side channel attacks. But specific side channel attacks on dynamic password token based on SM3 hash function have not been given so far. This paper presents a differential power analysis attack on dynamic password token based on SM3 algorithm. SM3 hash algorithm is based on the mixing of different algebraic operations, such as XOR and addition modulo 2(32), thus the proposed DPA attack is mainly against these basic group operations. Experimental results are given by attacking an implementation of generating dynamic password using SM3 algorithm in a smart card, which demonstrate the feasibility of such attacks described in this paper.