{"title":"两种密码认证方案的安全性分析","authors":"Zuowen Tan","doi":"10.1109/ICMB.2009.57","DOIUrl":null,"url":null,"abstract":"Recently, Rhee, Kwon and Lee proposed a practical authentication scheme only based on the common storage device. In the scheme the remote user does not need to use smart cards. It is convenient for the users to use a common storage device such as a universal serial bus memory. The scheme is easy to implement. However, this authentication scheme is vulnerable to impersonation attacks and middle man attacks. An attacker could impersonate legitimate users to login and access the remote server. In addition, we analyze the security of Fan-Chan- Zhang’s scheme. The scheme suffers from replay attacks and impersonation attacks.","PeriodicalId":125570,"journal":{"name":"2009 Eighth International Conference on Mobile Business","volume":"24 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-06-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":"{\"title\":\"Security Analysis of Two Password Authentication Schemes\",\"authors\":\"Zuowen Tan\",\"doi\":\"10.1109/ICMB.2009.57\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Recently, Rhee, Kwon and Lee proposed a practical authentication scheme only based on the common storage device. In the scheme the remote user does not need to use smart cards. It is convenient for the users to use a common storage device such as a universal serial bus memory. The scheme is easy to implement. However, this authentication scheme is vulnerable to impersonation attacks and middle man attacks. An attacker could impersonate legitimate users to login and access the remote server. In addition, we analyze the security of Fan-Chan- Zhang’s scheme. The scheme suffers from replay attacks and impersonation attacks.\",\"PeriodicalId\":125570,\"journal\":{\"name\":\"2009 Eighth International Conference on Mobile Business\",\"volume\":\"24 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2009-06-27\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"7\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2009 Eighth International Conference on Mobile Business\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICMB.2009.57\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2009 Eighth International Conference on Mobile Business","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICMB.2009.57","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Security Analysis of Two Password Authentication Schemes
Recently, Rhee, Kwon and Lee proposed a practical authentication scheme only based on the common storage device. In the scheme the remote user does not need to use smart cards. It is convenient for the users to use a common storage device such as a universal serial bus memory. The scheme is easy to implement. However, this authentication scheme is vulnerable to impersonation attacks and middle man attacks. An attacker could impersonate legitimate users to login and access the remote server. In addition, we analyze the security of Fan-Chan- Zhang’s scheme. The scheme suffers from replay attacks and impersonation attacks.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
