2003 Help me understand this report
Weaknesses of Lee-Li-Hwang's hash-based password authentication scheme
Abstract: Many password authentication schemes employ hash functions as their basic building blocks to achieve better efficiency. In 2000, Peyravian and Zunic proposed a hash-based password authentication scheme that is efficient and can be easily implemented. Recently, Lee, Li, and Hwang demonstrated that Peyravian-Zunic's hash-based password authentication scheme is vulnerable to the off-line guessing attack, and then proposed an improved version. In this article, we show that their improved scheme is still vulnerable…
Search citation statements
Paper Sections
Select...
5
Citation Types
0
6
0
Year Published
2006
2018
Publication Types
Select...
5
2
2
Relationship
0
9
Authors
Journals
Cited by 30 publications
(7 citation statements)
References 9 publications
0
6
0
“…In this case, they commonly require additional overhead on the local and remote application programs. Unlike the typical remote user authentication and password change protocols, some user authentication protocols use only collision-resistant one-way hash functions to protect the secrecy of passwords while transmitting over the public network [2,5,6,7,9,10,11].…”
Section: Introductionmentioning
confidence: 99%
“…In this case, they commonly require additional overhead on the local and remote application programs. Unlike the typical remote user authentication and password change protocols, some user authentication protocols use only collision-resistant one-way hash functions to protect the secrecy of passwords while transmitting over the public network [2,5,6,7,9,10,11].…”
Section: Introductionmentioning
confidence: 99%
“…Unlike the typical remote user authentication and password change protocols, some user authentication protocols use only collision-resistant one-way hash functions [5,6,8,9,12]. Hash functions take an input string and convert it into an output string from which the input string cannot be determined.…”
Section: Introductionmentioning
confidence: 99%
“…Later, Shimizu et al (1998) overcome the weakness of Lamport (1981) and proposed a modified scheme. Thereafter, many schemes and improvements (Lee et al, 2002;Peyravian and Zunic, 2000;Ku et al, 2003;Ku, 2004) on hash-based remote user authentication, have been proposed. These schemes take low computation cost and are computationally viable for implementation in a handheld device like smart card; however, the schemes primarily suffer from password guessing, stolen-verifier and denial-of-service attacks (Ku et al, 2003;Hsieh et al, 2003).…”
Section: Introductionmentioning
confidence: 99%
“…So far, several research works on public-key based remote user authentication (Chang and Wu, 1993;Chang and Liao, 1994;Hwang and Yeh, 2002;Shen et al, 2003) have been done. Unfortunately, many times, a paper typically breaks a previous scheme and proposes a new one (Ku et al, 2003;Hsieh et al, 2003), which someone breaks later and, in turn, proposes a new one, and so on. Most of such work, though quite important and useful, essentially provides an incremental advance to the same basic theme (Peyravian and Zunic, 2000).…”
Section: Introductionmentioning
confidence: 99%
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
