• Title/Summary/Keyword: Parallel session attack

Search Result 4, Processing Time 0.017 seconds

Cryptanalysis Of Two Remote User Authentication Schemes Using Smart Cards

  • Yoon Eun-Jun;Ryu Eun-Kyung;Jo Young-Woo;Yoo Kee-Young
    • Proceedings of the IEEK Conference
    • /
    • summer
    • /
    • pp.152-154
    • /
    • 2004
  • In 2004, Ku-Chen proposed an improvement to Chien et al.'s scheme to prevent from some weaknesses. Lee et al. also proposed an improvement to Chien et al.'s scheme to prevent from parallel session attack. This paper, however, will demonstrate that Ku-Chen's scheme is still vulnerable to the parallel session attack and Lee et al.'s scheme is also vulnerable to masquerading server attack.

  • PDF

Enhanced Password-based Remote User Authentication Scheme Using Smart Cards

  • Jeon, II-Soo;Kim, Hyun-Sung
    • Journal of Korea Society of Industrial Information Systems
    • /
    • v.16 no.1
    • /
    • pp.9-19
    • /
    • 2011
  • Secure and efficient authentication schemes over insecure networks have been a very important issue with the rapid development of networking technologies. Wang et al. proposed a remote user authentication scheme using smart cards. However, recently, Chen et al. pointed out that their scheme is vulnerable to the impersonation attack and the parallel session attack, and they proposed an enhanced authentication scheme. Chen et al. claimed that their scheme is secure against the various attacks. However, we have found that their scheme cannot resist the parallel attack and the stolen smart card attack. Therefore, in this paper, we show the security flaws in Chen et al.'s scheme and propose an improved remote user authentication scheme using tamper-resistant smart cards to solve the problem of Chen et al.'s scheme. We also analyze our scheme in terms of security and performance.

A Password-based Efficient Key Exchange Protocol (패스워드 기반의 효율적인 키 교환 프로토콜)

  • 이성운;김현성;유기영
    • Journal of KIISE:Information Networking
    • /
    • v.31 no.4
    • /
    • pp.347-352
    • /
    • 2004
  • In this paper, we propose a new key exchange protocol which authenticates each other and shares a session key between a user and a server over an insecure channel using only a small password. The security of the protocol is based on the difficulty of solving the discrete logarithm problem and the Diffie-Hellman problem and the cryptographic strength of hash function. The protocol is secure against the man-in-the-middle attack, the password guessing attack, the Denning-Sacco attack, and the stolen-verifier attack, and provide the perfect forward secrecy. Furthermore, it is more efficient than other well-known protocols in terms of protocol execution time because it could be executed in parallel and has a simple structure.

A Robust Mutual Authentication Protocol for Wireless Sensor Networks

  • Chen, Tien-Ho;Shih, Wei-Kuan
    • ETRI Journal
    • /
    • v.32 no.5
    • /
    • pp.704-712
    • /
    • 2010
  • Authentication is an important service in wireless sensor networks (WSNs) for an unattended environment. Recently, Das proposed a hash-based authentication protocol for WSNs, which provides more security against the masquerade, stolen-verifier, replay, and guessing attacks and avoids the threat which comes with having many logged-in users with the same login-id. In this paper, we point out one security weakness of Das' protocol in mutual authentication for WSN's preservation between users, gateway-node, and sensor nodes. To remedy the problem, this paper provides a secrecy improvement over Das' protocol to ensure that a legal user can exercise a WSN in an insecure environment. Furthermore, by presenting the comparisons of security, computation and communication costs, and performances with the related protocols, the proposed protocol is shown to be suitable for higher security WSNs.