For Full-Text PDF, please login, if you are a member of IEICE,|
or go to Pay Per View on menu list, if you are a nonmember of IEICE.
Weaknesses of Two SAS-Like Password Authentication Schemes
Min-Hung CHIANG Wei-Chi KU
IEICE TRANSACTIONS on Communications
Publication Date: 2006/02/01
Online ISSN: 1745-1345
Print ISSN: 0916-8516
Type of Manuscript: LETTER
Category: Fundamental Theories for Communications
denial-of-service attack, password authentication, reparability, smart card,
Full Text: PDF(69.9KB)>>
In 2000, Sandirigama, Shimizu, and Noda proposed a simple password authentication scheme, SAS. However, SAS was later found to be flawed. Recently, Chen, Lee, Horng proposed two SAS-like schemes, which were claimed to be more secure than similar schemes. Herein, we show that both their schemes are still vulnerable to denial-of-service attacks. Additionally, Chen-Lee-Horng's second scheme is not easily reparable.