Comments on Five Smart Card Based Password Authentication Protocols
Yalin Chen, Jue-Sam Chou*, Chun-Hui Huang
TL;DR
This paper critically evaluates five recent smart card password authentication protocols against established security requirements, revealing vulnerabilities such as offline guessing and insider attacks.
Contribution
It provides a detailed security analysis of five protocols, identifying specific weaknesses and attack vectors that compromise their robustness.
Findings
Juang et al.'s, Hsiang et al.'s, Kim et al.'s, and Li et al.'s protocols are vulnerable to offline password guessing attacks.
Xu et al.'s protocol is susceptible to insider impersonation attacks.
The analysis highlights the need for improved security measures in smart card authentication protocols.
Abstract
In this paper, we use the ten security requirements proposed by Liao et al. for a smart card based authentication protocol to examine five recent work in this area. After analyses, we found that the protocols of Juang et al.'s , Hsiang et al.'s, Kim et al.'s, and Li et al.'s all suffer from offline password guessing attack if the smart card is lost, and the protocol of Xu et al.'s is subjected to an insider impersonation attack.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsAdvanced Authentication Protocols Security · User Authentication and Security Systems · RFID technology advancements