INFORMATICAInformatica0868-49520868-4952VUinf1441110.15388/Informatica.2003.041Research articleSecurity of Improvement on Methods for Protecting Password TransmissionYangChou‐ChenDepartment of Management Information System, National Chung Hsing University, 250 Kuo Kuang Road, 402 Taichung, Taiwan, R.O.C.ChangTing‐YiDepartment of Computer and Information Science, National Chiao Tung University, 1001 Ta Hsueh Road, Hsinchu, Taiwan, R.O.C.HwangMin‐Shiangmshwang@nchu.edu.twDepartment of Management Information System, National Chung Hsing University, 250 Kuo Kuang Road, 402 Taichung, Taiwan, R.O.C.0101200314455155801062003

Recently, Tseng et al. proposed an improvement on Peyravian and Zunic's protected password transmission scheme and protected changing scheme to remove some security flaws. However, as we will point out in this paper, any adversary can intercept the request for changing the password sent by a legal user and modify it with a wrong password. Furthermore, we shall also propose an improved version of their protected password changing scheme to help it out of the trouble.

authenticationcryptographydiscrete logarithmpassword