论文信息 - Cryptanalysis of Two User Identification Schemes with Key Distribution Preserving Anonymity

Cryptanalysis of Two User Identification Schemes with Key Distribution Preserving Anonymity

In 2004, Wu-Hsu proposed an efficient identification scheme preserving anonymity. However, Yang et al. showed that Wu-Hsu’s scheme has a serious weakness, by which the service provider can learn the secret token of the user who requests services. To overcome this limitation, they further proposed a scheme to attain the same set of objectives as the previous works. Nevertheless, the two schemes still have other serious weaknesses. Accordingly, the current paper demonstrates the vulnerability of the two schemes. Furthermore, we present a method to avoid attack.

Eun-Jun Yoon | Kee-Young Yoo

[1] Adi Shamir,et al. A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[2] Chien-Lung Hsu,et al. Efficient user identification scheme with key distribution preserving anonymity for distributed computer networks , 2004, Comput. Secur..

[3] Whitfield Diffie,et al. New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[4] Chun-Li Lin,et al. A password authentication scheme with secure password updating , 2003, Comput. Secur..

[5] Alfred Menezes,et al. Handbook of Applied Cryptography , 2018 .

[6] Robert H. Deng,et al. New efficient user identification and key distribution scheme providing enhanced security , 2004, Comput. Secur..

[7] Min-Shiang Hwang,et al. Security Enhancement for Protecting Password Transmission , 2003 .