By Topic

Comments on a Secret-Key-Privacy-Preserving Authentication and Key Agreement Scheme

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Ya-Fen Chang ; Dept. of Comput. Sci. & Inf. Eng., Nat. Taichung Inst. of Technol., Taichung, Taiwan ; Jhih-Yi Lin ; Yuo-Ju Yen

Lots applications need involved parties to share common session keys for specific requirements. For example, the shared key can be the seed to determine locations to hide secret data into an image. Wang et al. proposed an authentication scheme with key agreement based on the elliptic curve discrete logarithm problem in 2011. They claimed that their scheme had seven advantages. (1) A verification table is not required in the server. (2) The client's password can be changed easily, and the server cannot obtain the client's password. (3) Their scheme could resist all well-known security threats. (4) No time synchronization is needed. (5)The client and the server can share a common session key. (6) Their scheme is efficient and practical. (7) Their scheme can protect the privacy of the client's secret information. After we analyze Wang et al.'s scheme thoroughly, we find that their scheme suffers from three threats. In this paper, we will show the perceived security threats of Wang et al.'s scheme in detail.

Published in:

Genetic and Evolutionary Computing (ICGEC), 2011 Fifth International Conference on

Date of Conference:

Aug. 29 2011-Sept. 1 2011