Premium
On the security of a dynamic identity‐based remote user authentication scheme with verifiable password update
Author(s) -
Liu Yongchun,
Gong Peng,
Yan Xiaopeng,
Li Ping
Publication year - 2013
Publication title -
international journal of communication systems
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.344
H-Index - 49
eISSN - 1099-1131
pISSN - 1074-5351
DOI - 10.1002/dac.2708
Subject(s) - verifiable secret sharing , password , computer science , scheme (mathematics) , computer security , authentication (law) , one time password , security analysis , identity (music) , password strength , password cracking , computer network , mathematical analysis , physics , mathematics , set (abstract data type) , acoustics , programming language
Summary Recently, Chang et al . [Chang Y, Tai W, Chang H. Untraceable dynamic identity‐based remote user authentication scheme with verifiable password update. International Journal of Communication Systems 2013; doi:10.1002/dac.2552] proposed a dynamic identity‐based remote user authentication scheme with verifiable password update. They also proved that their scheme could withstand various attacks. Unfortunately, by proposing concrete attacks, we show that their scheme is vulnerable to three kinds of attacks. We also point out that their scheme cannot provide untraceability. The analysis shows that the scheme of Chang et al . is not suitable for practical applications. Copyright © 2013 John Wiley & Sons, Ltd.