Pub. online:5 Aug 2022Type:Research ArticleOpen Access
Journal:Informatica
Volume 16, Issue 1 (2005), pp. 37–44
Abstract
In 1995, Wu proposed a remote login authentication scheme based on geometric approach. However, Chien, Jan and Tseng presented a cryptanalysis of Wu’s scheme to show that it is not secure. Moreover, they proposed a modified version of Wu’s scheme. This paper presents there is a serious weakness in this modified remote login authentication scheme. We show that an illegal user can easily forge a valid login request in the modified version proposed previously.
Pub. online:6 May 2020Type:Research ArticleOpen Access
Journal:Informatica
Volume 31, Issue 2 (2020), pp. 277–298
Abstract
The vulnerable part of communications between user and server is the poor authentication level at the user’s side. For example, in e-banking systems for user authentication are used passwords that can be lost or swindled by a person maliciously impersonating bank.
To increase the security of e-banking system users should be supplied by the elements of public key infrastructure (PKI) but not necessary to the extent of standard requirements which are too complicated for ordinary users.
In this paper, we propose two versions of authenticated key agreement protocol (AKAP) which can be simply realized on the user’s side. AKAP is a collection of cryptographic functions having provable security properties.
It is proved that AKAP1 is secure against active adversary under discrete logarithm assumption when formulated certain conditions hold. AKAP2 provides user’s anonymity against eavesdropping adversary. The partial security of AKAP2 is investigated which relies on the security of asymmetric encryption function.
Journal:Informatica
Volume 14, Issue 3 (2003), pp. 289–294
Abstract
Smart card has been adopted to various applications. In 2000, Hwang and Li proposed a remote user authentication scheme, which is also using smart card. Nine months later, Chan and Cheng pointed out that there is a weakness in the remote authentication scheme proposed by Hwang and Li. In this paper, we show that Chan and Cheng's attack does not work well because they did not consider the format of user's identity. In addition, we propose several ways to solve the problem of Chan and Cheng's attack.
Journal:Informatica
Volume 11, Issue 4 (2000), pp. 435–440
Abstract
This paper discusses a known-plaintext attack on a redundancy reducing cipher method which is proposed by Wayner. We also propose an extension of Wayner's redundancy reducing cipher scheme so that the security will be improved greatly.
Journal:Informatica
Volume 11, Issue 1 (2000), pp. 15–18
Abstract
Recently, Harn proposed an efficient scheme that can batch verification multiple RSA digital signatures. His scheme can reduce signature verification time. However, there is a weakness in his scheme. In this study, we present two methods to against his scheme.