Yet another attack on a QR-based password authentication system
暂无分享,去创建一个
In 1988, Laih, Harn, and Huang proposed a password authentication scheme using quadratic residues (QR). In 1995, Chang, Wu, and Laih showed that the proposed password authentication scheme is suffered from an attack, where the attacker needs to apply to the system for four valid accounts, and then the desired password corresponding to an identity can be easily obtained. We propose another more effective attack and we show that only one extra valid account is needed in our new attack.
[1] Chin-Chen Chang,et al. Cryptanalysis of a Password Authentication Scheme Using Quadratic Residues , 1995, Comput. Commun..
[2] Stephen M. Matyas,et al. Cryptographic Authentication of Time-Invariant Quantities , 1981, IEEE Trans. Commun..