On the security of a dynamic identity‐based remote user authentication scheme with verifiable password update |
| |
| Authors: | Yongchun Liu Peng Gong Xiaopeng Yan Ping Li |
| |
| Affiliation: | National Key Laboratory of Mechatronic Engineering and Control, School of Mechatronical Engineering, Beijing Institute of Technology, Beijing, China |
| |
| Abstract: | Recently, Chang et al. [Chang Y, Tai W, Chang H. Untraceable dynamic identity‐based remote user authentication scheme with verifiable password update. International Journal of Communication Systems 2013; doi:10.1002/dac.2552] proposed a dynamic identity‐based remote user authentication scheme with verifiable password update. They also proved that their scheme could withstand various attacks. Unfortunately, by proposing concrete attacks, we show that their scheme is vulnerable to three kinds of attacks. We also point out that their scheme cannot provide untraceability. The analysis shows that the scheme of Chang et al. is not suitable for practical applications. Copyright © 2013 John Wiley & Sons, Ltd. |
| |
| Keywords: | privacy authentication dynamic identity traceability password |
|
|
