摘要:Recently, Li proposed a new password authentication and user anonymity scheme based on elliptic curve cryptography. In this paper, we will show that Li’s scheme is vulnerable to the impersonation attack and the denial of service attack. Moreover, we also point out that there is an error in his scheme. To overcome the weaknesses of Li’s scheme, we proposed an efficient password authentication scheme based on elliptic curve cryptography. The proposed scheme improves the security and efficiency of the authentication process.