An improvement on Yang et al.’s password authentication schemes

摘要

In 1999, Yang and Shieh proposed two password authentication schemes with smart cards; timestamp-based and nonce-based password authentication schemes. In 2003, Sun and Yeh pointed out that Yang and Shieh’s password authentication schemes were vulnerable to the forgery attack. Recently, Yang et al. improved Yang and Shieh’s schemes to resist Sun and Yeh’s forgery attack. However, we shall show that Yang et al.’s schemes cannot withstand the forgery attack and then propose the improved schemes to resist the forgery attack.