A protected password change protocol
Ren-Chiun Wang, Chou-Chen Yang, Kun-Ru Mo
TL;DR
This paper reviews existing protected password change protocols, identifies vulnerabilities in recent schemes, and proposes a new protocol that resists various security threats to improve password management security.
Contribution
The paper introduces a novel password change protocol that withstands attacks like password guessing, denial of service, and known-key attacks, enhancing security over previous methods.
Findings
Previous protocols are vulnerable to multiple attacks.
The proposed protocol resists password guessing, denial of service, and known-key attacks.
The new protocol improves security and efficiency in password management.
Abstract
Some protected password change protocols were proposed. However, the previous protocols were easily vulnerable to several attacks such as denial of service, password guessing, stolen-verifier and impersonation atacks etc. Recently, Chang et al. proposed a simple authenticated key agreement and protected password change protocol for enhancing the security and efficiency. In this paper, authors shall show that password guessing, denial of service and known-key attacks can work in their password change protocol. At the same time, authors shall propose a new password change protocol to withstand all the threats of security.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsUser Authentication and Security Systems · Advanced Authentication Protocols Security · Biometric Identification and Security