Back to Search Start Over

Two simple attacks on Lin-Shen-Hwang's strong-password authentication protocol

Authors :
Ku, Wei-Chi
Tsai, Hao-Chuan
Chen, Shuai-Min
Source :
ACM SIGOPS Operating Systems Review; October 2003, Vol. 37 Issue: 4 p26-31, 6p
Publication Year :
2003

Abstract

In 2001, Lin, Sun, and Hwang proposed a strong-password authentication protocol, OSPA, which was later found to be vulnerable to a stolen-verifier attack and a man-in-the-middle attack. Recently, Lin, Shen, and Hwang [10] proposed an improved protocol of OSPA and showed that the improved protocol can resist the guessing attack, the replay attack, the impersonation attack, and the stolen-verifier attack. Herein, we show that their protocol is still vulnerable to a replay attack and a denial-of-service attack.

Details

Language :
English
ISSN :
01635980 and 1943586X
Volume :
37
Issue :
4
Database :
Supplemental Index
Journal :
ACM SIGOPS Operating Systems Review
Publication Type :
Periodical
Accession number :
ejs7046642
Full Text :
https://doi.org/10.1145/958965.958968
Full Text Access
View/download PDF

Tools

Authors Abstract Subjects Details