XIE Qi,CHEN De-ren,YU Xiu-yuan

IF: 2.034

2010-01-01

Systems Engineering

Abstract:In 2009, Park, et al. proposed an efficient remote user authentication protocol. They claimed that their protocol was the first password and smart card based remote user authentication scheme which can resist the off-line password guessing attack, and had many advantages over existing solutions such as no password tables and timestamp, low communication and computational costs. However, this paper shows that their protocol cannot resist the forgery attack and off-line password guessing attack. To overcome the security weaknesses, two improved schemes based on either nonce or timestamp without affecting the merits of the Park, et al. scheme are proposed. Technical discussions are provided to show that the improved protocol is secure, efficient and practical.

SH Wang,F Bao,J Wang

DOI: https://doi.org/10.1093/ietcom/e88-b.4.1641

2005-01-01

IEICE Transactions on Communications

Abstract:In 2002, Zhu et al. proposed a password authenticated key exchange protocol based on RSA such that it is efficient enough to be implemented on most of the target low-power devices such as smart cards and low-power Personal Digital Assistants in imbalanced wireless networks. Recently, YEH et al. claimed that Zhu et al.'s protocol not only is insecure against undetectable on-line password guessing attack but also does not achieve explicit key authentication. Thus they presented an improved version. Unfortunately, we find that YEH et al.'s password guessing attack does not come into existence, and that their improved protocol is vulnerable to off-line dictionary attacks. In this paper we describe our observation in details, and also comment for the original protocol on how to achieve explicit key authentication as well as resist against other existent attacks.

Tianjie Cao,Tao Quan,Bo Zhang

DOI: https://doi.org/10.4304/jnw.4.4.263-270

2009-01-01

Journal of Networks

Abstract:Client-to-Client Password-Authenticated Key Exchange (C2C-PAKE) protocols allow two clients establish a common session key based on their passwords. In a secure C2C-PAKE protocol, there is no computationally bounded adversary learns anything about session keys shared between two clients. Especially a participating server should not learn anything about session keys. Server- compromise impersonation resilience is another desirable security property for a C2C-PAKE protocol. It means that compromising the password verifier of any client A should not enable outside adversary to share session key with A. Recently, Kwon and Lee proposed four C2C-PAKE protocols in the three-party setting, and Zhu et al. proposed a C2C-PAKE protocol in the cross-realm setting. All the proposed protocols are claimed to resist server compromise. However, in this paper, we show that Kwon and Lee’s protocols and Zhu et al’s protocol exist server compromise attacks, and a malicious server can mount man-in-themiddle attacks and can eavesdrop the communication between the two clients.

He Debiao,Chen Jianhua,Hu Jin

2010-01-01

Abstract:He Debiao, Chen Jianhua, Hu Jin School of Mathematics and Statistics, Wuhan University, Wuhan, Hubei 430072, China hedebiao@163.com Abstract: Recently, Abdalla et al. proposed a new gateway-oriented password-based authenticated key exchange (GPAKE) protocol among a client, a gateway, and an authentication server, where each client shares a human-memorable password with a trusted server so that they can resort to the server for authentication when want to establish a shared session key with the gateway. In the letter, we show that a malicious client of GPAKE is still able to gain information of password by performing an undetectable on-line password guessing attack and can not provide the implicit key confirmation. At last, we present a countermeasure to against the attack.

WANG Ding,WANG Ping,LEI Ming

DOI: https://doi.org/10.3969/j.issn.0372-2112.2015.01.028

2015-01-01

Abstract:It remains an open problem to design a secure and efficient RSA-based password-authenticated key exchange (PAKE )protocol in the areas of cryptography .In 2011 ,Wei proposed the first provably secure gateway-oriented PAKE protocol us-ing RSA ,and claimed that the protocol is provably secure in the random oracle model based on the intractability of the integer fac-torization problem .However ,in this short paper ,we point out that an adversary can launch the separation attack on their protocol by exploiting the oracle service unwittingly provided by the server ,and a user’s password can thus be guessed just after tens of mali-cious sessions .Our cryptanalysis result invalidates Wei’s claim that their protocol can achieve the security goal of password protec-tion ,and highlights the damaging threat that separation attack poses to RSA-based PAKE protocols .Furthermore ,we uncover the flaws in their formal security proof and put forward an enhancement to overcome the identified defect .The analysis results show that the improved protocol eliminates the vulnerability of Wei’s protocol while keeping the merit of high performance ,suitable for mo-bile application scenarios .

Tianjie Cao,Dongdai Lim

DOI: https://doi.org/10.1109/lcomm.2006.1665131

IF: 3.5529

2006-01-01

IEEE Communications Letters

Abstract:In 2002, Zhu et al. proposed a password-based authenticated key exchange protocol based on RSA. Many researchers pointed out that Zhu et al.'s protocol is vulnerable to off-line dictionary attack. In 2003, Yeh et al. proposed an improved protocol. Recently, Lo and Yang-Wang pointed out that Yeh et al.'s improved protocol is also vulnerable to offline dictionary attack. To avoid this weakness existed in Yeh et al.'s protocol, Lo and Yang-Wang proposed two improved protocols. However, in this letter, we show that the Lo protocol is vulnerable to an active off-line dictionary attack and the Yang-Wang protocol is vulnerable to a passive off-line dictionary attack

Tianjie Cao

2009-01-01

Computer Engineering and Applications Journal

Abstract:Password authentication is the simplest,most convenient and most widely used means of authentication.Recently,Tsaur and some others point out that the password change protocol which is presented by Chang presents the denial-of-service attacks and cannot provide backward secrecy.Then,they present an improved password change mechanism which is claimed to be secure.Their protocol is analysed to show that their improved password change mechanism fails to against the off-line dictionary attack and cannot provide backward secrecy and forward secrecy.Finally,an improved against off-line dictionary attack password change protocol is proposed,which can resist off-line dictionary attack and provide backward secrecy and forward secrecy.

舒剑,许春香

DOI: https://doi.org/10.3969/j.issn.1000-436x.2010.03.008

2010-01-01

Abstract:The security of a recently proposed password-based authenticated key exchange protocol was analyzed. Al- though it was provably secure in the standard model, it was vulnerable to reflection attacks. A modify scheme was pro- posed, which eliminated the defect of original scheme and improved the efficiency of the protocol. The security of the proposed scheme had been proven in the standard model under DDH assumption. The results show that it provides per- fect forward secrecy.

BT Hsieh,HM Sun,T Hwang

DOI: https://doi.org/10.15388/informatica.2003.014

2003-01-01

Informatica

Abstract:In an internet environment, such as UNIX, a remote user has to obtain the access right from a server before doing any job. The procedure of obtaining acess right is called a user authentication protocol. User authentication via user memorable password provides convenience without needing any auxiliary devices, such as smart card. A user authentication protocol via username and password should basically withstand the off-line password guessing attack, the stolen verifier attack, and the DoS attack. Recently, Peyravian and Zunic proposed one password transmission protocol and one password change protocol. Later, Tseng et al. (2001) pointed out that Peyravian and Zunic's protocols can not withstand the off-line password guessing attack, and therefore proposed an improved protocol to defeat the attack. Independently, Hwang and Yeh also showed that Peyravian and Zunic's protocols suffer from some secury flaws, and an improved protocol was also presented. In this paper, we show that both Peyravian and Zunic's protocols and Tseng et al.'s improved protocol are insecure against the stolen verifier attack. Moreover, we show that all Peyravian and Zunic's, Tseng et al.'s, and Hwang and Yeh's protocols are insecure against DoS attack.

Debiao He,Jianhua Chen

DOI: https://doi.org/10.1504/ijesdf.2012.049754

2014-01-01

Abstract:Recently, Zeng et al. proposed a three-party password-based authenticated key exchange protocol, in which two users could generate a common secret key with the help of the server. Although Zeng et al. claimed that their protocol could withstand various attacks, we point out that their protocol cannot resist impersonation attacks and undetectable online dictionary attacks. The analysis shows Zeng et al.'s protocol is insecure for practical applications.

Debiao He,Yuanyuan Zhang,Jianhua Chen

DOI: https://doi.org/10.1007/s11277-013-1282-x

IF: 2.017

2013-01-01

Wireless Personal Communications

Abstract:Authentication protocols with anonymity attracted wide attention since they could protect users’ privacy in wireless communications. Recently, Hsieh and Leu proposed an anonymous authentication protocol based on elliptic curve Diffie–Hellman problem for wireless access networks and claimed their protocol could provide anonymity. However, by proposing a concrete attack, we point out that their protocol cannot provide user anonymity. To overcome its weakness, we propose an improved protocol. We also provide an analysis of our proposed protocol to prove its superiority, even though its computational cost is slightly higher.

Hu Xiong,Yanan Chen,Zhi Guan,Zhong Chen

DOI: https://doi.org/10.1016/j.ins.2013.02.004

IF: 8.1

2013-01-01

Information Sciences

Abstract:Three-party password-based authenticated key exchange (3PAKE) protocols allow two users (clients) to establish a session key with the support from an authenticated server over an insecure channel. Several 3PAKE protocols, which do not require server public keys, have been proposed recently. In this paper, we use Chang et al.’s protocol as a case study and demonstrate that all of the 3PAKE protocols without server public keys are not secure against Key Compromise Impersonation (KCI) attack. A detailed analysis of flaw in these protocols has been conducted and we hope that by identifying this design flaw, similar structural mistakes can be avoided in future designs. Furthermore, we propose an improved protocol that remedies the weakness of these protocols and prove its security in a widely accepted model.

HT Yeh,HM Sun,CT Yang,BC Chen,SM Tseng

2003-01-01

IEICE Transactions on Communications

Abstract:Recently, Zhu et al. proposed an password-based authenticated key exchange protocol based on RSA such that it is efficient enough to be implemented on most of the target low-power devices such as smart cards and low-power Personal Digital Assistants in wireless networks. They claimed that the proposed scheme is secure against dictionary attacks. In this paper, we show that the scheme proposed by Zhu et al. is insecure against undetectable on-line password guessing attacks. Furthermore, we examine Zhu et al.'s protocol and find that Zhu et al.'s protocol does not, achieve explicit key authentication. An improved version is then proposed to defeat the undetectable on-line password guessing attacks and also provide explicit key authentication.

Zheng, Jun,Wang, Dongyun

DOI: https://doi.org/10.1109/ICITEC.2014.7105601

2014-01-01

Abstract:SIP (Session Initial Protocol) has been a very popular protocol for VoIP. However, the authentication of this protocol just derives from HTTP digest authentication, which has been demonstrated insecure in the open network. Recently, Arshad et al. proposed an improved mutual authentication scheme based on ECC and claimed that it's secure enough. In this paper, however, we point out that their protocol still could not resist offline password guessing attacks. Furthermore, we propose an ECC-based mutual authentication and key agreement scheme to overcome such a security problem. Also, an analysis of it is provided to indicate that compared to Arshad et al.'s scheme, this scheme reduces twice hash operation and is more secure with reasonable computation cost.

Bin Wang,Jian-Hua Li,Zhi-Peng Tong

DOI: https://doi.org/10.1016/S0167-4048(03)00713-2

IF: 5.105

2003-01-01

Computers & Security

Abstract:Recently, Fan proposed an enhanced scheme to improve the security of Yang-Shieh’s timestamp-based password authentication scheme. The enhanced scheme can withstand the attacks presented by Chan, Cheng and Fan. In this paper, we show that the enhanced scheme is still insecure. An intruder is able to construct a forged login request by intercepting the legitimate login requests and pass the system authentication with a non-negligible probability.

Adam Groce,Jonathan Katz

DOI: https://doi.org/10.1145/1866307.1866365

2010-01-01

Abstract:Protocols for password-based authenticated key exchange (PAKE) allow two users who share only a short, low-entropy password to agree on a cryptographically strong session key. The challenge in designing such protocols is that they must be immune to off-line dictionary attacks in which an eavesdropping adversary exhaustively enumerates the dictionary of likely passwords in an attempt to match a password to the set of observed transcripts. To date, few general frameworks for constructing PAKE protocols in the standard model are known. Here, we abstract and generalize a protocol by Jiang and Gong to give a new methodology for realizing PAKE without random oracles, in the common reference string model. In addition to giving a new approach to the problem, the resulting construction off ers several advantages over prior work. We also describe an extension of our protocol that is secure within the universal composability (UC) framework and, when instantiated using El Gamal encryption, is more efficient than a previous protocol of Canetti et al.

Bin Wang,Jian-Hua Li,Zhi-Peng Tong

DOI: https://doi.org/10.1016/s0167-4048(03)00713-2

IF: 5.105

2003-01-01

Computers & Security

Abstract:Recently, Fan proposed an enhanced scheme to improve the security of Yang-Shieh's timestamp-based password authentication scheme. The enhanced scheme can withstand the attacks presented by Chan, Cheng and Fan. In this paper, we show that the enhanced scheme is still insecure. An intruder is able to construct a forged login request by intercepting the legitimate login requests and pass the system authentication with a non-negligible probability.

Junhan Yang,Tianjie Cao

2011-01-01

Journal of Computational Information Systems

Abstract:With advances in elliptic curve cryptography, Li et al. and Yoon et al. proposed two password-authenticated key exchange protocols without server's public key. They claimed to be secure against several possible attacks, securely update user passwords without a complicated process, and also provide explicit key authentication in the case of a session key agreement. Unfortunately, Li et al.'s protocol is vulnerable to off-line dictionary attack and man-in-the-middle attack. Meanwhile Yoon et al.'s protocol is subject to off-line dictionary attack and fails to provide backward secrecy. In this paper, we conduct a detailed analysis on the flaws and also propose a verifier-based password-authenticated key exchange protocol via elliptic curves which is secure against various known attacks. Copyright © 2011 Binary Information Press.

Debiao He,Jianhua Chen,Jin Hu

DOI: https://doi.org/10.31449/inf.v34i3.308

2010-01-01

Informatica

Abstract:Key exchange protocols allow two or more parties communicating over a public network to establish a common secret key called a session key. Due to their significance in building a secure communication channel, a number of key exchange protocols have been suggested over the years for a variety of settings. Among these is the so-called S-3PAKE protocol proposed by Lu and Cao for passwordauthenticated key exchange in the three-party setting. In the current work, we are concerned with the password security of the S-3PAKE protocol. We first show that S-3PAKE is vulnerable to an off-line dictionary attack in which an attacker exhaustively enumerates all possible passwords in an off-line manner to determine the correct one. We then figure out how to eliminate the security vulnerability of S3PAKE.

Juan E. Tapiador,Julio C. Hernandez-Castro,P. Peris-Lopez,John A. Clark

DOI: https://doi.org/10.48550/arXiv.1111.2744

2011-11-11

Abstract:Song \cite{Song10} proposed very recently a password-based authentication and key establishment protocol using smart cards which attempts to solve some weaknesses found in a previous scheme suggested by Xu, Zhu, and Feng \cite{XZF09}. In this paper, we present attacks on the improved protocol, showing that it fails to achieve the claimed security goals.

Cryptography and Security