Article ID | Journal | Published Year | Pages | File Type |
---|---|---|---|---|
9506532 | Applied Mathematics and Computation | 2005 | 9 Pages |
Abstract
In 2001, Tsaur proposed a smart card based password authentication scheme for multi-server Internet environments. It is the first scheme for password authentication in multi-server environments. Tsaur's scheme can verify a single password for logging in multiple authorized servers without using any password verification table at all, and emphasizes that any client can get service granted from multiple servers without repeating registration to every single server. One year later in 2002, Kim et al. pointed out that Tsaur's scheme cannot be secure against the off-line guessing attack. Nevertheless, Kim et al. did not propose any modification method. In this paper, we will show another weakness in Tsaur's scheme, and further give an improvement such that the above two weaknesses can be withstood accurately.
Related Topics
Physical Sciences and Engineering
Mathematics
Applied Mathematics
Authors
Woei-Jiunn Tsaur, Chia-Chun Wu, Wei-Bin Lee,