Home > Published Issues > 2020 > Volume 9, No. 3, May 2020 >

An Improved Key Agreement Authentication Scheme Based on an Anonymous Password

Hsieh-Tsen Pan1, Shu-Fen Chiou2, Cheng-Ying Yang3, and Min-Shiang Hwang1,4
1. Department of Computer Science & Information Engineering, Asia University, Taichung, Taiwan
2. Department of Information Management, National Taichung University of Science and Technology, Taiwan
3. Department of Computer Science, University of Taipei, Taipei, Taiwan
4. Department of Medical Research, China Medical University Hospital, China Medical University, Taichung, Taiwan

Abstract—It is becoming much significant in the security of password-based authentication over the Internet. Recently, with a formal proof, the improved anonymous passwordbased authentication scheme was proposed by Wu, Chen, and Wang. Within the practical applications, the scheme provides better performance for security. The scheme has claimed the ability to withstand various known attacks, such as user anonymity, user and server impersonations, and so on. Unfortunately, there still exist some weaknesses in the scheme. This work shows that the scheme is not secure to those attacks, such as online password guessing and denial of service attacks. Finally, the improved scheme is proposed.

Index Terms—Password, smart card, formal proof, user authentication, key agreement

Cite: Hsieh-Tsen Pan, Shu-Fen Chiou, Cheng-Ying Yang, and Min-Shiang Hwang, "An Improved Key Agreement Authentication Scheme Based on an Anonymous Password," International Journal of Electrical and Electronic Engineering & Telecommunications, Vol. 9, No. 3, pp. 199-205, May 2020. Doi: 10.18178/ijeetc.9.3.199-205

Copyright © 2020 by the authors. This is an open access article distributed under the Creative Commons Attribution License (CC BY-NC-ND 4.0), which permits use, distribution and reproduction in any medium, provided that the article is properly cited, the use is non-commercial and no modifications or adaptations are made.