a password authentication scheme with secure password updating
DESCRIPTION
A password authentication scheme with secure password updating. SEC 期末報告 學號: 89321037 姓名:翁玉芬. Source. Chun-Li Lin and Tzonelih Hwang, Computers & Security, Vol.22, No.1, pp. 68-72, 2003. Outline. Introduction Peryravian-Zunic’s Scheme Hwang-Yen’s Scheme Proposed Scheme - PowerPoint PPT PresentationTRANSCRIPT
A password authentication scheme with secure password updating
SEC 期末報告 學號: 89321037
姓名:翁玉芬
Source
Chun-Li Lin and Tzonelih Hwang, Computers & Security, Vol.22, No.1, pp. 68-72, 2003
Outline
Introduction Peryravian-Zunic’s Scheme Hwang-Yen’s Scheme Proposed Scheme Conclusions
Introduction
Password scheme Password authentication protocol
replay attack password search attack stolen-verifier attack
Password change protocol denial of service attack
Key distribution forward secrecy
Peyarian-Zunic
Hwang-Yen
Proposed scheme
Password authentication
Yes Yes Yes
Password change
Yes Yes Yes
Key distribution
Yes Yes
Introduction (cont.)
Notations id: user number pw: password Ks: the server public key
{M}Ks : Encryption of M with Ks
rc: random number generated by client rs: random number generated by server H(.) : one-way hash function
Peyarian-Zunic’s Scheme – password transmission
Client Server
id , rc
rs
id , H( H( id, pw), rc, rs)
Access granted or denied
)pw , ( ,
store
idHid .stolen-verifier attack
Peyarian-Zunic’s Scheme – password change
Client Server
id , rc
rs
Access granted or denied
id , H( H( id, pw), rc, rs),
),1),,(()_,( rsrcpwidHHpwnewidH
) , ( ,
store
pwidHid
denial of service attack
Hwang-Yen’s Scheme –password transmission
Client Server
id , { rc, pw}Ks
id , H (rc, rs)
Access granted or denied
, H ( rs)rcrs
)( ,
store
pwHid
Hwang-Yen’s Scheme -Key distribution
Client Server
id , { rc, pw}Ks receive rcgenerate rc
generate rs, H ( rs)rcrs
receive rs
id , H (rc, rs)
Access granted or deniedComputeH (rc,rs)
ComputeH (rc,rs)
)( ,
store
pwHid
one-time token
No forward secrecy
Hwang-Yen’s Scheme -password change
Client Server
id , { rc, pw}Ks
Access granted or denied
, H( rs)rcrs
id , H(rc, rs),
),1()_( rsrcHpwnewH
)( ,
store
pwHiddenial of service attack
Proposed Scheme –password change
Client Server
id , { rc, pw}Ks
Access granted or denied
, H( rs)rcrs
id , H(rc, rs), H( H( new_pw), rs)
),1()_( rsrcHpwnewH
)( ,
store
pwHid
Proposed Scheme –key distribution
Client Server
generate x
generate y
id , Kspwg x },{Receive
xg
)(, yyx gHgg receive
yg
Access granted or denied
id , ),( yx ggHCompute
xyg
Computexyg
)( ,
store
pwHid
Conclusions
The password change protocol can protest against denial of service attack
The key distribution protocol can propose forward secrecy