Password authentication schemes allow a user or client to log into a remote server if the identity of the user or client is successfully authenticated by the system server. Authentication is done by supplying a correct password of the user to the server. Research on how one can protect the password from an adversary in such schemes have become more and more crucial in this era of technology. In 1999, Yang and Shieh proposed two password authentication schemes; timestamp-based and nonce-based schemes. However, in 2005, Kim et al. showed that these schemes are insecure and proposed an improvement. Later in 2009, Liu and Zhong successfully proved Kim’s improved version also to be insecure butsuggested no further improvement. In this paper, we improve Kim et al.’s timestamp-based scheme and show that the improved version is secure against attacks found by Kim et al. and Liu &Zhong.
Skip Nav Destination
Research Article| June 28 2018
Timestamp-based password authentication scheme
E. S. Ismail;
AIP Conf. Proc. 1974, 020051 (2018)
E. S. Ismail, S. M. S. Syed-Musa; Timestamp-based password authentication scheme. AIP Conf. Proc. 28 June 2018; 1974 (1): 020051. https://doi.org/10.1063/1.5041582
Download citation file: