Emergent Mind
On the Security of ``an efficient and complete remote user authentication scheme''
(0802.2112)
Published Feb 14, 2008
in
cs.CR
Abstract
Recently, Liaw et al. proposed a remote user authentication scheme using smart cards. Their scheme has claimed a number of features e.g. mutual authentication, no clock synchronization, no verifier table, flexible user password change, etc. We show that Liaw et al.'s scheme is completely insecure. By intercepting a valid login message in Liaw et al.'s scheme, any unregistered user or adversary can easily login to the remote system and establish a session key.
We're not able to analyze this paper right now due to high demand.
Please check back later (sorry!).
Generate a summary of this paper on our Pro plan:
We ran into a problem analyzing this paper.