Abstract

Recently, Sun and Yeh proposed three password-based authentication and key distribution protocols with perfect forward secrecy. In their schemes, clients can access services on application servers upon passing the authentication through an authentication server. The main contributions are: 1) clients can use easy-to-remember passwords; and 2) perfect forward secrecy (PFS in short) is guaranteed. Under the consideration of revealing the client's password, the application server's secret key, and the authentication server's private key, they defined seven classes of protocols with perfect forward secrecy. This paper will show that Sun and Yeh's Class-1 PFS protocol, which is the most basic and practical among the three ones because of its easiness to implement and use, is vulnerable to replay attacks. As its valuable merits, it's worthwhile to remedy the security weakness by making minor revision. Hence, an improved scheme for resisting the above attack will be presented.

Paper Details