The Journal of Korean Institute of Communications and Information Sciences (한국통신학회논문지)

The Korean Institute of Commucations and Information Sciences (한국통신학회)
권호 표지

Improved Secure Remote User Authentication Protocol

  • 이지선 (고려대학교, 정보경영공학전문대학원, BK21 유비쿼터스 정보보호사업단) ;
  • 박지혜 (티맥스소프트) ;
  • 장직현 (서강대학교 컴퓨터공학과)
  • Published : 2009.09.30
Download PDF
⟨ Previous Next ⟩

Abstract

Recently, Holbl et al. proposed an improvement to Peyravian-Jeffries's password-based authentication protocol to overcome some security flaws. However, Munilla et al. showed that Holbl et al.'s improvement is still vulnerable to off-line password guessing attack. In this paper, we provide a secure password-based authentication protocol which gets rid of the security flaws of Holbl et al.'s protocol.

Keywords

References

  1. S. Bellovin, and M.merritt, 'Encrypted Key Exchange: Password-Based Protocols Secure against Dictionary Attacks,' Proc. of the Symposium on Security and Privacy, IEEE Computer Society, pp. 72-84, 1992 https://doi.org/10.1109/RISP.1992.213269
  2. W. Diffie, and M. Hellman, 'New directions in cryptography,' IEEE Transactions on Information Theory, Vol. 22, No. 6, pp. 644-654, 1976 https://doi.org/10.1109/TIT.1976.1055638
  3. M. H$\ddot{o}$lbl, T. Welzer, and B. Brumen, 'Improvement of the Peyravian-Jefferies's user authentication protocol and password change protocol', Computer Communications, Vol. 31, No. 10, pp. 1945-1951, 2008 https://doi.org/10.1016/j.comcom.2007.12.029
  4. J. Munilla, and A. Peinado, 'Off-line passwordguessing attack to Peyravian-Jeffries's remote user authentication protocol,' Computer Communications, Vol. 30, No. 1, pp. 52-54, 2006 https://doi.org/10.1016/j.comcom.2006.07.012
  5. J. Munilla, and A. Peinado, 'Security flaw of H$\ddot {o}$lbl et al.'s protocol,' Computer Communications, Vol. 32, No. 4, pp. 736-739, 2009 https://doi.org/10.1016/j.comcom.2008.11.034
  6. M. Peyravian, and C. Jeffries, 'Secure remote user access over insecure networks,' Computer Communications, Vol. 29, No. 5, pp. 660-667, 2006 https://doi.org/10.1016/j.comcom.2005.07.025
  7. K. A. Shim, 'Security flaws of remote user access over insecure networks,' Computer Communications, Vol. 30, No. 1, pp. 117-121, 2006 https://doi.org/10.1016/j.comcom.2006.08.001