Article ID | Journal | Published Year | Pages | File Type |
---|---|---|---|---|
9506629 | Applied Mathematics and Computation | 2005 | 10 Pages |
Abstract
Recently, Yang et al. proposed an improvement to Tseng et al.'s protected password changing scheme that can withstand denial of service attack. However, the improved scheme is still susceptible to stolen-verifier attack and denial of service attack. Accordingly, the current paper demonstrates the vulnerability of Yang et al.'s scheme to two simple attacks and presents a new protected password change scheme using a public server key to resolve such problems. In contrast to Yang et al.'s protected password changing scheme, the proposed scheme can simply update user passwords without a complicated process, and also provides explicit key authentication and perfect forward secrecy in the case of a session key agreement.
Related Topics
Physical Sciences and Engineering
Mathematics
Applied Mathematics
Authors
Eun-Jun Yoon, Kee-Young Yoo,