Your search keyword '"Rainbow table"' showing total 3 results

1. Smart card based secure password authentication scheme

Author

Chang Jin-Fu and Wang Shiuh-Jeng

Subjects

Zero-knowledge password proof, General Computer Science, computer.internet_protocol, Computer science, Salt (cryptography), Computer security, computer.software_genre, One-time password, S/KEY, Password strength, Public-key cryptography, Key stretching, Syskey, Password authentication protocol, Password, Password policy, business.industry, Password cracking, ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, Rainbow table, Discrete logarithm, HMAC-based One-time Password Algorithm, Smart card, Challenge–response authentication, business, Law, computer

Abstract

This paper presents a smart card based remote access password authentication scheme which can verify a log-in password without verification table. It utilizes the signature property of public key systems. The security of our scheme rests in part on the difficulty of factoring a large number and on the discrete logarithm problem. Not only can the network users freely choose their preferred passwords, but the network system can also be protected against replay by time stamping the password.

Published

1996

2. Cryptanalysis of a user friendly remote authentication scheme with smart cards

Author

Chou-Chen Yang and Ren-Chiun Wang

Subjects

Zero-knowledge password proof, General Computer Science, Computer science, Salt (cryptography), Hash function, Computer security, computer.software_genre, One-time password, law.invention, Password strength, S/KEY, law, Password, Authentication, Password policy, Cognitive password, business.industry, Pass the hash, Password cracking, ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, Rainbow table, Hash chain, Smart card, Challenge–response authentication, business, Cryptanalysis, Law, computer

Abstract

Recently, Sun proposed an efficient remote user authentication scheme by employing one-way hash function. In his scheme, the system does not need to maintain a password table and the communication cost of the scheme is low, but the user cannot freely choose a password. Therefore, Wu and Chieu improved Sun's scheme for enhancing the user's demand that the user can choose and change his password freely. However, in this paper, we point out that Wu and Chieu's improvement is vulnerable to the password guessing and forgery attacks.

Published

2004

3. A remote password authentication scheme based upon ElGamal's signature scheme

Author

Chin-Chin Chang and Wen-Yuan Liao

Subjects

Zero-knowledge password proof, Software_OPERATINGSYSTEMS, General Computer Science, Computer science, computer.internet_protocol, Salt (cryptography), Computer security, computer.software_genre, One-time password, S/KEY, Password strength, Digital signature, Key stretching, Syskey, Password authentication protocol, ElGamal encryption, Password, business.industry, Password cracking, ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, Rainbow table, HMAC-based One-time Password Algorithm, Timestamp, Smart card, Challenge–response authentication, business, Law, computer

Abstract

A conventional password authentication scheme requires password files or verification tables which cannot withstand an attack of replaying previously intercepted passwords by an intruder. In this paper, we propose a new password authentication scheme which is based on ElGamal's signature scheme. This scheme is suitable for applications which make use of passwords that are sent from remote locations. Our scheme can verify remote passwords using neither password files nor verification tables. Our password authentication scheme has three phases: (1) the computer system issues a smart card and a password according to the ID submitted by the registering user; (2) the login procedure is invoked; and (3) the password authentication procedure is invoked. We have also analyzed the security of this newly proposed remote password authentication scheme.

Published

1994