Weaknesses and improvement of secure hash-based strong-password authentication protocol

Jeong Hanjae, Won Dongho, Kim Seungjoo

Research output: Contribution to journalArticlepeer-review

10 Citations (Scopus)

Abstract

In 2008, Kim-Koç proposed a secure hash-based strong-password authentication protocol using one-time public key cryptography. He claimed that the protocol was secure against guessing, stolen-verifier, replay, denial-of-service, and impersonation attacks. However, we show that the protocol is vulnerable to impersonation, guessing, and stolen-verifier attacks. We propose improvements to increase the security level of the protocol.

Original languageEnglish
Pages (from-to)1845-1858
Number of pages14
JournalJournal of Information Science and Engineering
Volume26
Issue number5
Publication statusPublished - 2010 Sept
Externally publishedYes

Keywords

  • Guessing attack
  • Hash-based password authentication
  • Impersonation attack
  • Password-based authentication
  • Stolen-verifier attack

ASJC Scopus subject areas

  • Software
  • Human-Computer Interaction
  • Hardware and Architecture
  • Library and Information Sciences
  • Computational Theory and Mathematics

Fingerprint

Dive into the research topics of 'Weaknesses and improvement of secure hash-based strong-password authentication protocol'. Together they form a unique fingerprint.

Cite this