Skip to Main Content

IEEE.org| IEEE Xplore Digital Library| IEEE Standards| IEEE Spectrum| More Sites

Cart (Loading....) | Create Account | Sign In

Author Search^beta | Advanced Search | Preferences | | More Search Options

Browse Conference Publications > Multitopic Conference, 2007. ...

Cryptanalysis and Security Enhancement of Two Password Authentication Schemes with Smart Cards

Full Text Sign-In or Purchase

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Username

Password

Purchase PDF
Other Formats

Formats	Non-Member	Member
PDF	$31	$13

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

Already Purchased? View Article
Subscription Options Learn More

1 Author(s)

Khan, M.K. ; Res. Group for Biometrics & Security, Bahria Univ., Karachi

Recently, Yang et al. proposed an improvement of two password authentication schemes based on timestamp and nonce. They claimed that their schemes are secure against different kind of attacks. However, we point out that their schemes are vulnerable and can easily be cryptanalyzed. We demonstrate that their schemes perform unilateral authentication (only client authentication) and there is no mutual authentication between user and remote system, thus their schemes are susceptible to the server spoofing attack. To fill this security gap, we present an improvement which overcomes the weakness of Yang et al.'s schemes. As a result, our improved security patch establishes trust between client and remote system in the form of mutual authentication.

Published in:
Multitopic Conference, 2007. INMIC 2007. IEEE International

Date of Conference: 28-30 Dec. 2007

Page(s):: 1 - 4
E-ISBN :: 978-1-4244-1553-3
Print ISBN:: 978-1-4244-1552-6
INSPEC Accession Number:: 10044960

Conference Location :: Lahore
Digital Object Identifier :: 10.1109/INMIC.2007.4557692
Product Type:: Conference Publications

Author(s)

Khan, M.K.
Res. Group for Biometrics & Security, Bahria Univ., Karachi

INSPEC: CONTROLLED INDEXING

authorisation

cryptography

smart cards

INSPEC: NON CONTROLLED INDEXING

client authentication

cryptanalysis

mutual authentication

password authentication

security enhancement

smart cards

timestamp

unilateral authentication

IEEE TERMS

Authentication

Biometrics

Computer science

Computer security

Equations

Forgery

Information security

Network servers

Resists

Smart cards

Referenced Items are not available for this document.

No versions found for this document.

Standards Dictionary Terms are available to subscribers only.

| Create Account

IEEE Account

Purchase Details

Profile Information

Need Help?

US & Canada: +1 800 678 4333
Worldwide: +1 732 981 0060
Contact & Support

IEEE Advancing Technology for Humanity

About IEEE Xplore | Contact | Help | Terms of Use | Nondiscrimination Policy | Site Map | Privacy & Opting Out of Cookies

A not-for-profit organization, IEEE is the world's largest professional association for the advancement of technology.
© Copyright 2013 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.