کد مقاله | کد نشریه | سال انتشار | مقاله انگلیسی | نسخه تمام متن |
---|---|---|---|---|
456633 | 695762 | 2006 | 6 صفحه PDF | دانلود رایگان |

Anonymity is a desirable security feature in addition to providing user identification and key agreement during a user's login process. Recently, Yang et al., proposed an efficient user identification and key distribution protocol while preserving user anonymity. Their protocol addresses a weakness in the protocol proposed by Wu and Hsu. Unfortunately, Yang's protocol poses a vulnerability that can be exploited to launch a Denial-of-Service (DoS) attack. In this paper, we cryptanalyze Yang's protocol and present the DoS attack. We further secure their protocol by proposing a Secure Identification and Key agreement protocol with user Anonymity (SIKA) that overcomes the above limitation while achieving security features like identification, authentication, key agreement and user anonymity.
Journal: Computers & Security - Volume 25, Issue 6, September 2006, Pages 420–425