Pub. online:5 Aug 2022Type:Research ArticleOpen Access
Journal:Informatica
Volume 16, Issue 2 (2005), pp. 203–212
Abstract
In 2001, Tseng, Jan, and Chien proposed an improved version of Peyravian–Zunic’s password authentication scheme based on the Diffie–Hellman scheme. Later, Yang, Chang, and Hwang demonstrated that Tseng–Jan–Chien’s scheme is vulnerable to a modification attack, and then described an improved scheme. In this paper, we show that Yang–Chang–Hwang’s scheme is still vulnerable to a denial-of-service attack and a stolen-verifier attack. In addition, we also propose an improved scheme with better security.
Journal:Informatica
Volume 15, Issue 2 (2004), pp. 161–170
Abstract
This paper presents an improved method inspired by the recently proposed Pretty‐Simple PAKE (Password Authenticated Key‐Exchange) protocol, which is already a well‐known, robust and simple password authenticated key exchange scheme. In our even more efficient scheme, only the password needs to be negotiated in advance, and the computations have also been simplified. Our scheme is based on the elliptic curve discrete logarithm problem and can gain the benefit from the key block size, speed and security. Since our new scheme is both efficient and fast with a low cost for device storage, it is especially suitable for the wireless network environment.