%0 Journal Article %1 IJACSA.2011.021018 %A Sattar J Aboud, Abid T Al Ajeeli %D 2011 %J International Journal of Advanced Computer Science and Applications(IJACSA) %K attack,authentication attack., clogging guessing offline password protocol %N 10 %T Cryptanalysis of An Advanced Authentication Scheme %U http://ijacsa.thesai.org/ %V 2 %X In this paper we study a scheme for making cryptanalysis and security improvement. This protocol by Song, is a password authentication protocol using smart card. We note that this protocol has been shown to be prone to the offline password guessing attack. We perform an additional cryptanalysis on this scheme and detect that it is vulnerable to the clogging attack, a type of denial-of-service attack. We notice that all smart card typed authentication schemes which lead the scheme by Song, and need the server to find the computationally exhaustive modular exponentiation, similar to the scheme by Xu et al., and it is vulnerable to the clogging attack. Then we propose an enhancement in the scheme to avoid the clogging attack.

@article{IJACSA.2011.021018, abstract = {In this paper we study a scheme for making cryptanalysis and security improvement. This protocol by Song, is a password authentication protocol using smart card. We note that this protocol has been shown to be prone to the offline password guessing attack. We perform an additional cryptanalysis on this scheme and detect that it is vulnerable to the clogging attack, a type of denial-of-service attack. We notice that all smart card typed authentication schemes which lead the scheme by Song, and need the server to find the computationally exhaustive modular exponentiation, similar to the scheme by Xu et al., and it is vulnerable to the clogging attack. Then we propose an enhancement in the scheme to avoid the clogging attack.}, added-at = {2014-02-21T08:00:08.000+0100}, author = {{Sattar J Aboud}, Abid T Al Ajeeli}, biburl = {https://www.bibsonomy.org/bibtex/20d54161a5185b23b4a87cceb4506c12f/thesaiorg}, interhash = {de686f1c99f9d0436673cf96ecfd8ce0}, intrahash = {0d54161a5185b23b4a87cceb4506c12f}, journal = {International Journal of Advanced Computer Science and Applications(IJACSA)}, keywords = {attack,authentication attack., clogging guessing offline password protocol}, number = 10, timestamp = {2014-02-21T08:00:08.000+0100}, title = {{Cryptanalysis of An Advanced Authentication Scheme}}, url = {http://ijacsa.thesai.org/}, volume = 2, year = 2011 }