Copyright Statement: This is an open access article licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, even commercially as long as the original work is properly cited.
Digital Object Identifier (DOI) : 10.14569/IJACSA.2011.021018
Article Published in International Journal of Advanced Computer Science and Applications(IJACSA), Volume 2 Issue 10, 2011.
Abstract: In this paper we study a scheme for making cryptanalysis and security improvement. This protocol by Song, is a password authentication protocol using smart card. We note that this protocol has been shown to be prone to the offline password guessing attack. We perform an additional cryptanalysis on this scheme and detect that it is vulnerable to the clogging attack, a type of denial-of-service attack. We notice that all smart card typed authentication schemes which lead the scheme by Song, and need the server to find the computationally exhaustive modular exponentiation, similar to the scheme by Xu et al., and it is vulnerable to the clogging attack. Then we propose an enhancement in the scheme to avoid the clogging attack.
Sattar J Aboud and Abid T. Al Ajeeli, “ Cryptanalysis of An Advanced Authentication Scheme” International Journal of Advanced Computer Science and Applications(IJACSA), 2(10), 2011. http://dx.doi.org/10.14569/IJACSA.2011.021018