For Full-Text PDF, please login, if you are a member of IEICE,|
or go to Pay Per View on menu list, if you are a nonmember of IEICE.
Cryptanalysis of a Multi-Server Password Authenticated Key Agreement Scheme Using Smart Cards
Wei-Chi KU Hsiu-Mei CHUANG Min-Hung CHIANG
IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences
Publication Date: 2005/11/01
Print ISSN: 0916-8508
Type of Manuscript: LETTER
Category: Information Security
key agreement, multi-server architecture, mutual authentication, password, smart card,
Full Text: PDF(70.3KB)>>
Recently, Juang proposed an efficient password authenticated key agreement scheme using smart cards for the multi-server architecture. Juang's scheme was intended to provide mutual authentication and session key agreement. Herein, we show that Juang's scheme is vulnerable to a privileged insider's attack and is not easily reparable. Furthermore, it does not provide forward secrecy and the user eviction mechanism.