Cryptanalysis of Hsiang-Shih's Authentication Scheme for Multi-Server Architecture

Cryptanalysis of Hsiang-Shih's Authentication Scheme for Multi-Server Architecture

From user point of view, password-based remote user authentication technique is one of the most convenient and easy-to-use mechanisms to provide necessary security on system access. As the number of computer crimes in modern cyberspace has increased dramatically, the robustness of password-based aut...

Full description

Saved in:
Bibliographic Details
Main Authors: Yeh, Kuo-Hui, Lo, Nai-Wei, LI, Yingjiu
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2011
Subjects:
anonymity
authentication
dynamic ID
multi-server
smart cards
Computer Sciences
Online Access:https://ink.library.smu.edu.sg/sis_research/1334
http://dx.doi.org/10.1002/dac.1184
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
id sg-smu-ink.sis_research-2333
record_format dspace
spelling sg-smu-ink.sis_research-23332011-02-22T01:30:19Z Cryptanalysis of Hsiang-Shih's Authentication Scheme for Multi-Server Architecture Yeh, Kuo-Hui Lo, Nai-Wei LI, Yingjiu From user point of view, password-based remote user authentication technique is one of the most convenient and easy-to-use mechanisms to provide necessary security on system access. As the number of computer crimes in modern cyberspace has increased dramatically, the robustness of password-based authentication schemes has been investigated by industries and organizations in recent years. In this paper, a well-designed password-based authentication protocol for multi-server communication environment, introduced by Hsiang and Shih, is evaluated. Our security analysis indicates that their scheme is insecure against session key disclosure, server spoofing attack, and replay attack and behavior denial. 2011-01-01T08:00:00Z text https://ink.library.smu.edu.sg/sis_research/1334 info:doi/10.1002/dac.1184 http://dx.doi.org/10.1002/dac.1184 Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University anonymity authentication dynamic ID multi-server smart cards Computer Sciences
institution Singapore Management University
building SMU Libraries
continent Asia
country Singapore
Singapore
content_provider SMU Libraries
collection InK@SMU
language English
topic anonymity
authentication
dynamic ID
multi-server
smart cards
Computer Sciences
spellingShingle anonymity
authentication
dynamic ID
multi-server
smart cards
Computer Sciences
Yeh, Kuo-Hui
Lo, Nai-Wei
LI, Yingjiu
Cryptanalysis of Hsiang-Shih's Authentication Scheme for Multi-Server Architecture
description From user point of view, password-based remote user authentication technique is one of the most convenient and easy-to-use mechanisms to provide necessary security on system access. As the number of computer crimes in modern cyberspace has increased dramatically, the robustness of password-based authentication schemes has been investigated by industries and organizations in recent years. In this paper, a well-designed password-based authentication protocol for multi-server communication environment, introduced by Hsiang and Shih, is evaluated. Our security analysis indicates that their scheme is insecure against session key disclosure, server spoofing attack, and replay attack and behavior denial.
format text
author Yeh, Kuo-Hui
Lo, Nai-Wei
LI, Yingjiu
author_facet Yeh, Kuo-Hui
Lo, Nai-Wei
LI, Yingjiu
author_sort Yeh, Kuo-Hui
title Cryptanalysis of Hsiang-Shih's Authentication Scheme for Multi-Server Architecture
title_short Cryptanalysis of Hsiang-Shih's Authentication Scheme for Multi-Server Architecture
title_full Cryptanalysis of Hsiang-Shih's Authentication Scheme for Multi-Server Architecture
title_fullStr Cryptanalysis of Hsiang-Shih's Authentication Scheme for Multi-Server Architecture
title_full_unstemmed Cryptanalysis of Hsiang-Shih's Authentication Scheme for Multi-Server Architecture
title_sort cryptanalysis of hsiang-shih's authentication scheme for multi-server architecture
publisher Institutional Knowledge at Singapore Management University
publishDate 2011
url https://ink.library.smu.edu.sg/sis_research/1334
http://dx.doi.org/10.1002/dac.1184
_version_ 1770570969645056000

Similar Items