Security Enhancement for Protecting Password Transmission

In 2002, Hwang and Yeh proposed some improved schemes to mend several security flaws in the Peyravian-Zunic password transmission scheme and password change scheme. However, this article will point out that there still exist some security flaws in the Hwang-Yeh schemes; at the same time, we shall also propose some improved versions of their schemes.

[1]  Min-Shiang Hwang A remote password authentication scheme based on the digital signature method , 1999, Int. J. Comput. Math..

[2]  Nevenko Zunic,et al.  Methods for Protecting Password Transmission , 2000, Comput. Secur..

[3]  Cheng-Chi Lee,et al.  A flexible remote user authentication scheme using smart cards , 2002, OPSR.

[4]  I. C. Lin,et al.  (IEEE Transactions on Neural Networks,12(6):1498-1504)A Remote Password Authentication Scheme for Multi-Server Architecture Using Neural Network , 2001 .

[5]  Jing-Jang Hwang,et al.  Improvement on Peyravian-Zunic's Password Authentication Schemes , 2002 .

[6]  Min-Shiang Hwang,et al.  Cryptanalysis of the Batch Verifying Multiple RSA Digital Signatures , 2000, Informatica.

[7]  Cheng-Chi Lee,et al.  An Improvement of SPLICE/AS in WIDE against Guessing Attack , 2001, Informatica.

[8]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[9]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[10]  Hung-Yu Chien,et al.  On the Security of Methods for Protecting Password Transmission , 2001, Informatica.

[11]  Taher ElGamal,et al.  A public key cyryptosystem and signature scheme based on discrete logarithms , 1985 .

[12]  David P. Jablon Strong password-only authenticated key exchange , 1996, CCRV.

[13]  Gwoboa Horng Password Authentication Without Using a Password Table , 1995, Inf. Process. Lett..

[14]  Chin-Chen Chang,et al.  An ElGamal-Like Cryptosystem for Enciphering Large Messages , 2002, IEEE Trans. Knowl. Data Eng..