淡江大學機構典藏:Item 987654321/37474
English  |  正體中文  |  简体中文  |  全文笔数/总笔数 : 62819/95882 (66%)
造访人次 : 4008933      在线人数 : 899
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library & TKU Library IR team.
搜寻范围 查询小技巧:
  • 您可在西文检索词汇前后加上"双引号",以获取较精准的检索结果
  • 若欲以作者姓名搜寻,建议至进阶搜寻限定作者字段,可获得较完整数据
    •  进阶搜寻


    jsp.display-item.identifier=請使用永久網址來引用或連結此文件: https://tkuir.lib.tku.edu.tw/dspace/handle/987654321/37474


    题名: Weaknesses of a Forward-Secure User Authentication Scheme with Smart Cards
    作者: Horng, Wen-Bing;Lee, Cheng-Ping
    贡献者: 淡江大學資訊工程學系
    关键词: Cryptanalysis;Remote user authentication;Smart card
    日期: 2008-05
    上传时间: 2010-01-11 13:32:15 (UTC+8)
    摘要: Remote user authentication is a mechanism for validating users' legitimacy to access the services provided by remote systems over an insecure network. In 1981, Lamport proposed a one-time password remote authentication scheme. However, this scheme needs to maintain a verification table in the remote server. Thus, it is vulnerable to the stolen-verifier attack and the modification attack. To cope with these drawbacks, in 2000, Hwang and Li proposed a novel remote user authentication scheme using smart cards based on the ElGamal public key cryptosystems. Later, Chan and Cheng pointed out that Hwang-Li's scheme is vulnerable to the impersonation attack. In 2003, Chang and Hwang first illustrated that Chan-Cheng's attack might fail under some conditions and then presented enhanced attacks on Hwang-Li's scheme. Later, Shen et al. also provided a different forgery attack on Hwang-Li's scheme and proposed an improvement over the registration phase of Hwang-Li's scheme to cope with the impersonation attack. However, Leng et al. further showed that the improved scheme is still vulnerable to the forgery attack. In 2004, Yoon et al. proposed an enhancement over Hwang-Li's scheme based on the generalized ElGamal signature scheme. This improved scheme also allows users to freely choose and change their passwords. In addition, it also provides session key exchange capability. Recently, in 2006, Wang and Li demonstrated that Yoon et al.'s scheme does not offer the property of perfect forward secrecy; once the long-term secret key of the remote server has been compromised, all previous session keys will be broken. They then presented an improved scheme to provide perfect forward secrecy. In this paper, we show that Wang-Li's scheme is vulnerable to the offline password guessing attack, the parallel session attack, the reflection attack, and the insider attack. Besides, we also indicate that the first and the last attacks occur in Yoon et al.'s scheme as well.
    關聯: ICIM 2008第十九屆國際資訊管理學術研討會論文集,6頁
    显示于类别:[資訊工程學系暨研究所] 會議論文

    文件中的档案:

    档案 描述 大小格式浏览次数
    Weaknesses+of+a+Forward-Secure+User+Authentication+Scheme+with+Smart+Cards_英文摘要.pdf60KbAdobe PDF197检视/开启

    在機構典藏中所有的数据项都受到原著作权保护.

    TAIR相关文章

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library & TKU Library IR teams. Copyright ©   - 回馈