Cryptanalysis of a Multi-Server Password Authenticated Key Agreement Scheme Using Smart Cards

Wei-Chi KU  Hsiu-Mei CHUANG  Min-Hung CHIANG  

IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences   Vol.E88-A   No.11   pp.3235-3238
Publication Date: 2005/11/01
Online ISSN: 
DOI: 10.1093/ietfec/e88-a.11.3235
Print ISSN: 0916-8508
Type of Manuscript: LETTER
Category: Information Security
key agreement,  multi-server architecture,  mutual authentication,  password,  smart card,  

Full Text: PDF(70.3KB)>>
Buy this Article

Recently, Juang proposed an efficient password authenticated key agreement scheme using smart cards for the multi-server architecture. Juang's scheme was intended to provide mutual authentication and session key agreement. Herein, we show that Juang's scheme is vulnerable to a privileged insider's attack and is not easily reparable. Furthermore, it does not provide forward secrecy and the user eviction mechanism.