English

Cryptanalysis on Four Two-Party Authentication Protocols

Cryptography and Security 2010-07-02 v1
Authors: Yalin Chen , Jue-Sam Chou* , Chun-Hui Huang
View on arXiv PDF

Abstract

In this paper, we analyze four authentication protocols of Bindu et al., Goriparthi et al., Wang et al. and H\"olbl et al.. After investigation, we reveal several weaknesses of these schemes. First, Bindu et al.'s protocol suffers from an insider impersonation attack if a malicious user obtains a lost smart card. Second, both Goriparthi et al.'s and Wang et al.'s protocols cannot withstand a DoS attack in the password change phase, i.e. an attacker can involve the phase to make user's password never be used in subsequent authentications. Third, H\"olbl et al.'s protocol is vulnerable to an insider attack since a legal but malevolent user can deduce KGC's secret key.

Keywords

authentication protocol

Cite

@article{arxiv.1007.0060,
  title  = {Cryptanalysis on Four Two-Party Authentication Protocols},
  author = {Yalin Chen and Jue-Sam Chou* and Chun-Hui Huang},
  journal= {arXiv preprint arXiv:1007.0060},
  year   = {2010}
}

Comments

5 pages

Related papers

View all related →
Cryptography and Security · Computer Science
Comments on Five Smart Card Based Password Authentication Protocols
Yalin Chen, Jue-Sam Chou*, Chun-Hui Huang
2010-07-02
Cryptography and Security · Computer Science
Cryptanalysis and Improvement of Jiang et al.'s Smart Card Based Remote User Authentication Scheme
Dheerendra Mishra, Ankita Chaturvedi, Sourav Mukhopadhyay
2013-12-18
Cryptography and Security · Computer Science
Cryptanalysis of Yang-Wang-Chang's Password Authentication Scheme with Smart Cards
Al-Sakib Khan Pathan, Choong Seon Hong
2008-12-18
Cryptography and Security · Computer Science
Cryptanalysis of Song's advanced smart card based password authentication protocol
Juan E. Tapiador, Julio C. Hernandez-Castro, P. Peris-Lopez, John A. Clark
2011-11-14
Cryptography and Security · Computer Science
Cryptanalysis of two recently proposed ultralightweight authentication protocol for IoT
Masoumeh Safkhani, Nasour Bagheri
2019-07-29
Cryptography and Security · Computer Science
Cryptanalysis and improvement of two certificateless three-party authenticated key agreement protocols
Haiyan Sun, Qiaoyan Wen, Hua Zhang, Zhengping Jin +1
2013-01-23
Cryptography and Security · Computer Science
Practical Attacks on a RFID Authentication Protocol Conforming to EPC C-1 G-2 Standard
Mohammad Hassan Habibi, Mahmud Gardeshi, Mahdi R. Alaghband
2011-02-07
Cryptography and Security · Computer Science
A Robust Password-Based Multi-Server Authentication Scheme
Vorugunti Chandra Sekhar, Mrudula Sarvabhatla
2014-01-24
Cryptography and Security · Computer Science
Weaknesses of a dynamic identity based authentication protocol for multi-server architecture
Weiwei Han
2012-01-05
Cryptography and Security · Computer Science
Cryptanalysis of a more efficient and secure dynamic id-based remote user authentication scheme
Mohammed Aijaz Ahmed, D. Rajya Lakshmi, Sayed Abdul Sattar
2010-07-15
Quantum Physics · Physics
Cryptanalysis and improvement of several quantum private comparison protocols
Zhao-Xu Ji, Pei-Ru Fan, Huan-Guo Zhang, Hou-Zhen Wang
2020-08-26
Cryptography and Security · Computer Science
A protected password change protocol
Ren-Chiun Wang, Chou-Chen Yang, Kun-Ru Mo
2007-05-23
Cryptography and Security · Computer Science
Cryptanalysis of two mutual authentication protocols for low-cost RFID
Mohammad Hassan Habibi, Mahmoud Gardeshi, Mahdi R. Alaghband
2011-02-07
Cryptography and Security · Computer Science
Cryptanalysis of Wu and Xu's authentication scheme for Telecare Medicine Information Systems
Dheerendra Mishra, Sourav Mukhopadhyay
2013-09-23
Cryptography and Security · Computer Science
Cryptanalysis of a code-based full-time signature
Nicolas Aragon, Marco Baldi, Jean-Christophe Deneuville, Karan Khathuria +2
2021-07-07
Cryptography and Security · Computer Science
Cryptanalysis of Key Issuing Protocols in ID-based Cryptosystems
Raju Gangishetti, M. Choudary Gorantla, Manik Lal Das, Ashutosh Saxena
2007-05-23
Cryptography and Security · Computer Science
Cryptanalysis of authentication and key establishment protocol in Mobile Edge Computing Environment
Sundararaju Mugunthan, Venkatasamy Sureshkumar
2024-12-30
Cryptography and Security · Computer Science
Cryptanalysis of a privacy-preserving behavior-oriented authentication scheme
Sigurd Eskeland, Ahmed Fraz Baig
2022-09-15
Cryptography and Security · Computer Science
Detection and Prevention of New Attacks for ID-based Authentication Protocols
Jinyong Chen, Reiner Dojen, Anca Jurcut
2021-02-01
Cryptography and Security · Computer Science
An Improved Timestamp-Based Password Authentication Scheme Using Smart Cards
Al-Sakib Khan Pathan, Choong Seon Hong
2015-05-13
Cryptography and Security · Computer Science
Cryptanalysis of A Secure Remote User Authentication Scheme Using Smart Cards
Tanmoy Maitra
2015-02-18
Quantum Physics · Physics
Cryptanalysis of The Quantum Secure Direct Communication and Authentication Protocol With Single Photons
Ali Amerimehr, Massoud Hadian Dehkordi
2016-09-30
Cryptography and Security · Computer Science
Security Analysis of a Remote User Authentication Scheme with Smart Cards
Manoj Kumar
2007-11-02
Cryptography and Security · Computer Science
Vulnerability Analysis of PAP for RFID Tags
Mu'awya Naser, Pedro Peris-Lopez, Mohammd Rafie, Jan van der Lubbe
2010-08-24
Cryptography and Security · Computer Science
The Password Change Phase is Still Insecure
Manoj Kumar
2007-05-23
R2 v1 2026-06-21T15:43:16.648Z