Recently, Tseng et al. proposed an improvement on Peyravian and Zunic's protected password transmission scheme and protected changing scheme to remove some security flaws. However, as we will point out in this paper, any adversary can intercept the request for changing the password sent by a legal user and modify it with a wrong password. Furthermore, we shall also propose an improved version of their protected password changing scheme to help it out of the trouble.
|Number of pages||8|
|Publication status||Published - 2003 Jan 1|
All Science Journal Classification (ASJC) codes
- Information Systems
- Applied Mathematics