Timestamp-based password authentication scheme

Eddie Shahril Ismail, S. M.S. Syed-Musa

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Password authentication schemes allow a user or client to log into a remote server if the identity of the user or client is successfully authenticated by the system server. Authentication is done by supplying a correct password of the user to the server. Research on how one can protect the password from an adversary in such schemes have become more and more crucial in this era of technology. In 1999, Yang and Shieh proposed two password authentication schemes; timestamp-based and nonce-based schemes. However, in 2005, Kim et al. showed that these schemes are insecure and proposed an improvement. Later in 2009, Liu and Zhong successfully proved Kim's improved version also to be insecure butsuggested no further improvement. In this paper, we improve Kim et al.'s timestamp-based scheme and show that the improved version is secure against attacks found by Kim et al. and Liu &Zhong.

Original languageEnglish
Title of host publicationProceeding of the 25th National Symposium on Mathematical Sciences, SKSM 2017
Subtitle of host publicationMathematical Sciences as the Core of Intellectual Excellence
PublisherAmerican Institute of Physics Inc.
Volume1974
ISBN (Electronic)9780735416819
DOIs
Publication statusPublished - 28 Jun 2018
Event25th National Symposium on Mathematical Sciences: Mathematical Sciences as the Core of Intellectual Excellence, SKSM 2017 - Kuantan, Pahang, Malaysia
Duration: 27 Aug 201729 Aug 2017

Other

Other25th National Symposium on Mathematical Sciences: Mathematical Sciences as the Core of Intellectual Excellence, SKSM 2017
CountryMalaysia
CityKuantan, Pahang
Period27/8/1729/8/17

Fingerprint

supplying
attack

Keywords

  • Cryptography
  • Discrete logarithm
  • Factoring
  • Password authentication

ASJC Scopus subject areas

  • Physics and Astronomy(all)

Cite this

Ismail, E. S., & Syed-Musa, S. M. S. (2018). Timestamp-based password authentication scheme. In Proceeding of the 25th National Symposium on Mathematical Sciences, SKSM 2017: Mathematical Sciences as the Core of Intellectual Excellence (Vol. 1974). [020051] American Institute of Physics Inc.. https://doi.org/10.1063/1.5041582

Timestamp-based password authentication scheme. / Ismail, Eddie Shahril; Syed-Musa, S. M.S.

Proceeding of the 25th National Symposium on Mathematical Sciences, SKSM 2017: Mathematical Sciences as the Core of Intellectual Excellence. Vol. 1974 American Institute of Physics Inc., 2018. 020051.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Ismail, ES & Syed-Musa, SMS 2018, Timestamp-based password authentication scheme. in Proceeding of the 25th National Symposium on Mathematical Sciences, SKSM 2017: Mathematical Sciences as the Core of Intellectual Excellence. vol. 1974, 020051, American Institute of Physics Inc., 25th National Symposium on Mathematical Sciences: Mathematical Sciences as the Core of Intellectual Excellence, SKSM 2017, Kuantan, Pahang, Malaysia, 27/8/17. https://doi.org/10.1063/1.5041582
Ismail ES, Syed-Musa SMS. Timestamp-based password authentication scheme. In Proceeding of the 25th National Symposium on Mathematical Sciences, SKSM 2017: Mathematical Sciences as the Core of Intellectual Excellence. Vol. 1974. American Institute of Physics Inc. 2018. 020051 https://doi.org/10.1063/1.5041582
Ismail, Eddie Shahril ; Syed-Musa, S. M.S. / Timestamp-based password authentication scheme. Proceeding of the 25th National Symposium on Mathematical Sciences, SKSM 2017: Mathematical Sciences as the Core of Intellectual Excellence. Vol. 1974 American Institute of Physics Inc., 2018.
@inproceedings{b474910034104bf98a5b820399afe226,
title = "Timestamp-based password authentication scheme",
abstract = "Password authentication schemes allow a user or client to log into a remote server if the identity of the user or client is successfully authenticated by the system server. Authentication is done by supplying a correct password of the user to the server. Research on how one can protect the password from an adversary in such schemes have become more and more crucial in this era of technology. In 1999, Yang and Shieh proposed two password authentication schemes; timestamp-based and nonce-based schemes. However, in 2005, Kim et al. showed that these schemes are insecure and proposed an improvement. Later in 2009, Liu and Zhong successfully proved Kim's improved version also to be insecure butsuggested no further improvement. In this paper, we improve Kim et al.'s timestamp-based scheme and show that the improved version is secure against attacks found by Kim et al. and Liu &Zhong.",
keywords = "Cryptography, Discrete logarithm, Factoring, Password authentication",
author = "Ismail, {Eddie Shahril} and Syed-Musa, {S. M.S.}",
year = "2018",
month = "6",
day = "28",
doi = "10.1063/1.5041582",
language = "English",
volume = "1974",
booktitle = "Proceeding of the 25th National Symposium on Mathematical Sciences, SKSM 2017",
publisher = "American Institute of Physics Inc.",

}

TY - GEN

T1 - Timestamp-based password authentication scheme

AU - Ismail, Eddie Shahril

AU - Syed-Musa, S. M.S.

PY - 2018/6/28

Y1 - 2018/6/28

N2 - Password authentication schemes allow a user or client to log into a remote server if the identity of the user or client is successfully authenticated by the system server. Authentication is done by supplying a correct password of the user to the server. Research on how one can protect the password from an adversary in such schemes have become more and more crucial in this era of technology. In 1999, Yang and Shieh proposed two password authentication schemes; timestamp-based and nonce-based schemes. However, in 2005, Kim et al. showed that these schemes are insecure and proposed an improvement. Later in 2009, Liu and Zhong successfully proved Kim's improved version also to be insecure butsuggested no further improvement. In this paper, we improve Kim et al.'s timestamp-based scheme and show that the improved version is secure against attacks found by Kim et al. and Liu &Zhong.

AB - Password authentication schemes allow a user or client to log into a remote server if the identity of the user or client is successfully authenticated by the system server. Authentication is done by supplying a correct password of the user to the server. Research on how one can protect the password from an adversary in such schemes have become more and more crucial in this era of technology. In 1999, Yang and Shieh proposed two password authentication schemes; timestamp-based and nonce-based schemes. However, in 2005, Kim et al. showed that these schemes are insecure and proposed an improvement. Later in 2009, Liu and Zhong successfully proved Kim's improved version also to be insecure butsuggested no further improvement. In this paper, we improve Kim et al.'s timestamp-based scheme and show that the improved version is secure against attacks found by Kim et al. and Liu &Zhong.

KW - Cryptography

KW - Discrete logarithm

KW - Factoring

KW - Password authentication

UR - http://www.scopus.com/inward/record.url?scp=85049787166&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85049787166&partnerID=8YFLogxK

U2 - 10.1063/1.5041582

DO - 10.1063/1.5041582

M3 - Conference contribution

VL - 1974

BT - Proceeding of the 25th National Symposium on Mathematical Sciences, SKSM 2017

PB - American Institute of Physics Inc.

ER -