期刊名称:International Journal of Security and Its Applications
印刷版ISSN:1738-9976
出版年度:2008
卷号:2
期号:2
出版社:SERSC
摘要:Yeh et al., in 2002, proposed a one-time password authentication scheme using smart cards. Subsequently, Tsuji et al. and Ku et al. respectively showed that Yeh et al.’s scheme is vulnerable to stolen-verifier attacks. Recently, Lee and Chen proposed an improvement of Yeh et al.’s scheme. Lee and Chen claimed that their improvement can effectively withstand the stolen-verifier attack and is as efficient as Yeh et al.’s scheme. This paper, however, will point out that Lee and Chen’s improvement is still vulnerable to a masquerade attack. And, a simple improvement is given to resist the masquerade attack.