원문정보
보안공학연구지원센터(IJSIA)
International Journal of Security and Its Applications
Vol.1 No.2
2007.10
pp.33-40
피인용수 : 0건 (자료제공 : 네이버학술정보)
초록
영어
In 2003, Yang, Chang, and Hwang proposed an enhanced scheme of Peyravivan-Zunic’s
password authentication scheme by using the Diffie-Hellman scheme. Later, Yoon, Ryu, and
Yoo demonstrated that Yang-Chang-Hwang’s scheme is vulnerable to a stolen-verifier attack
and a denial-of-service attack, and then proposed an improved scheme. In this paper, we
show that Yoon-Ryu-Yoo’s scheme is still vulnerable to a stolen-verifier attack and a server
spoofing attack under some reasonable assumption. In addition, we propose an improved
scheme to eliminate such security flaws.
목차
Abstract
1. Introduction
2. A Review and the Security Flaw of Yoon-Ryu-Yoo’s Scheme
2.1 A Review of Yoon-Ryu-Yoo’s Scheme
2.2 The Security Flaw of Yoon-Ryu-Yoo’s Scheme
3. The Proposed Scheme
3.1 The Proposed Password Change Protocol
4. Security Analysis
4.1 The Security Strength against the Replay Attack
4.2 The Security Strength against the Stolen-verifier Attack
4.3 The Security Strength against the Password Guessing Attack
4.4 The Security Strength against the Denied-of-Service Attack
4.5 The Security Strength against the Server Spoofing Attack
5. Conclusions
6. References
1. Introduction
2. A Review and the Security Flaw of Yoon-Ryu-Yoo’s Scheme
2.1 A Review of Yoon-Ryu-Yoo’s Scheme
2.2 The Security Flaw of Yoon-Ryu-Yoo’s Scheme
3. The Proposed Scheme
3.1 The Proposed Password Change Protocol
4. Security Analysis
4.1 The Security Strength against the Replay Attack
4.2 The Security Strength against the Stolen-verifier Attack
4.3 The Security Strength against the Password Guessing Attack
4.4 The Security Strength against the Denied-of-Service Attack
4.5 The Security Strength against the Server Spoofing Attack
5. Conclusions
6. References
저자정보
참고문헌
자료제공 : 네이버학술정보