A Security Enhanced Password Authentication and Update Scheme Based on Elliptic Curve Cryptography

Hang Tu

Abstract


As two fundamental requirements to ensure secure communications over an insecure public network channel, password authentication and update of password have received considerable attention. To satisfy the above two requirements, Islam et al. proposed a password authentication and update scheme based on elliptic curve cryptography. They claimed that their scheme could withstand various attacks. Unfortunately, He et al. found Islam et al.’s scheme is still vulnerable to off-line password guessing attack and stolen-verifier attack. In this paper, a security enhanced scheme is developed to eliminate the identified weaknesses. The analysis shows that our scheme can not only overcome the security vulnerability in Islam et al.’s scheme, but also has better performance than their scheme. Then our scheme is more suitable for practical applications.


Keywords


Password authentication, Elliptic curve cryptography, off-line password guessing attack, stolen-verifier attack

Full Text:

PDF


DOI: http://doi.org/10.11591/ijeecs.v12.i10.pp7353-7360

Refbacks

  • There are currently no refbacks.


Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

Indonesian Journal of Electrical Engineering and Computer Science (IJEECS)
p-ISSN: 2502-4752, e-ISSN: 2502-4760
This journal is published by the Institute of Advanced Engineering and Science (IAES) in collaboration with Intelektual Pustaka Media Utama (IPMU).

shopify stats IJEECS visitor statistics