A New Improved Secure Password Authentication Protocol to Resist Guessing Attack in Wireless Networks

Wireless communication is widely used today. It transmits information through an open network such that it always suffers by a variety of attacks. In 2006, Yoon et al. proposed a secure password authentication protocol for wireless networks to fix the drawback ofMa et al.' s protocol. In this article, we will show that the Yoon et al.' s protocol is vulnerable to both off-line password guessing attack and replay attack. We will present a new improved protocol to fix the flaw. As shown, the improved protocol is secure while the computation cost is quite low.

[1]  Eun-Jun Yoon,et al.  Secure Password Authentication Protocol in Wireless Networks , 2006, International Conference on Next Generation Web Services Practices.

[2]  Jesse Walker,et al.  Unsafe at any key size; An analysis of the WEP encapsulation , 2000 .

[3]  Peter Y. A. Ryan,et al.  Modelling and analysis of security protocols , 2001 .

[4]  Gavin Lowe Casper: a compiler for the analysis of security protocols , 1998 .

[5]  Xiaoqi Ma,et al.  Verifying and Fixing Password Authentication Protocol , 2006, Seventh ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing (SNPD'06).

[6]  Jin-Young Choi,et al.  Formal verification of PAP and EAP-MD5 protocols in wireless networks: FDR model checking , 2004, 18th International Conference on Advanced Information Networking and Applications, 2004. AINA 2004..