{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:43:23Z","timestamp":1750308203028,"version":"3.41.0"},"reference-count":23,"publisher":"Association for Computing Machinery (ACM)","issue":"1","license":[{"start":{"date-parts":[[2005,1,1]],"date-time":"2005-01-01T00:00:00Z","timestamp":1104537600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["SIGOPS Oper. Syst. Rev."],"published-print":{"date-parts":[[2005,1]]},"abstract":"<jats:p>In 2002, Lee, Hwang, and Yang proposed a verifier-free remote user authentication scheme using smart cards. Their scheme is efficient because of mainly using cryptographic hash functions. However, we find that Lee-Hwang-Yang's scheme is not reparable once the user's permanent secret is compromised and is vulnerable to a privileged insider's attack. Furthermore, it lacks the user eviction mechanism. In this paper, we first show the weaknesses of Lee-Hwang-Yang's scheme, and then compare Lee-Hwang-Yang's scheme with three similar schemes.<\/jats:p>","DOI":"10.1145\/1044552.1044562","type":"journal-article","created":{"date-parts":[[2005,11,7]],"date-time":"2005-11-07T19:28:32Z","timestamp":1131391712000},"page":"90-96","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":2,"title":["Cryptanalysis of a flexible remote user authentication scheme using smart cards"],"prefix":"10.1145","volume":"39","author":[{"given":"Wei-Chi","family":"Ku","sequence":"first","affiliation":[{"name":"Fu Jen Catholic University, Hsinchuang, Taipei County, Taiwan, R.O.C."}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Shuai-Min","family":"Chen","sequence":"additional","affiliation":[{"name":"Fu Jen Catholic University, Hsinchuang, Taipei County, Taiwan, R.O.C."}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2005,1]]},"reference":[{"key":"e_1_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1109\/TCE.2003.1261225"},{"key":"e_1_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1109\/30.920451"},{"key":"e_1_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1016\/S0167-4048(02)00110-4"},{"key":"e_1_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.5555\/1413474.1413476"},{"key":"e_1_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1016\/S0167-4048(03)00012-9"},{"key":"e_1_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1016\/s0167-4048(02)00415-7"},{"key":"e_1_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1016\/S0167-4048(02)01118-5"},{"key":"e_1_2_1_8_1","first-page":"429","volume-title":"IEEE Region 10 Conference on Computer and Communication Systems","author":"Hwang T.","year":"1990","unstructured":"T. Hwang , Y. Chen , and C. S. Laih , \" Non-interactive password authentications without password tables,\" Proc . IEEE Region 10 Conference on Computer and Communication Systems , Hong Kong , pp. 429 -- 431 , Sept. 1990 .]] T. Hwang, Y. Chen, and C. S. Laih, \"Non-interactive password authentications without password tables,\" Proc. IEEE Region 10 Conference on Computer and Communication Systems, Hong Kong, pp. 429--431, Sept. 1990.]]"},{"key":"e_1_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/26.387429"},{"key":"e_1_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/30.826377"},{"key":"e_1_2_1_11_1","first-page":"388","volume-title":"Differential power analysis,\" Proc. Advances in Cryptology (CRYPTO'99)","author":"Kocher P.","year":"1999","unstructured":"P. Kocher , J. Jaffe , and B. Jun , \" Differential power analysis,\" Proc. Advances in Cryptology (CRYPTO'99) , pp. 388 -- 397 , 1999 .]] P. Kocher, J. Jaffe, and B. Jun, \"Differential power analysis,\" Proc. Advances in Cryptology (CRYPTO'99), pp. 388--397, 1999.]]"},{"key":"e_1_2_1_12_1","first-page":"5","article-title":"Cryptanalysis of a variant of Peyravian-Zunic's password authentication scheme","volume":"86","author":"Ku W. C.","year":"2003","unstructured":"W. C. Ku , C. M. Chen , and H. L. Lee , \" Cryptanalysis of a variant of Peyravian-Zunic's password authentication scheme ,\" IEICE Transactions on Communications , vol. E86 -B, no. 5 , pp. 1682--1684, May 2003 .]] W. C. Ku, C. M. Chen, and H. L. Lee, \"Cryptanalysis of a variant of Peyravian-Zunic's password authentication scheme,\" IEICE Transactions on Communications, vol. E86-B, no. 5, pp. 1682--1684, May 2003.]]","journal-title":"IEICE Transactions on Communications"},{"key":"e_1_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1109\/TCE.2004.1277863"},{"key":"e_1_2_1_14_1","first-page":"429","volume-title":"14th Information Security Conference","author":"Ku W. C.","year":"2004","unstructured":"W. C. Ku , S. M. Chen , and H. M. Chuang , \" A study of hash-based password authentication schemes without storing verifiers,\" Proc . 14th Information Security Conference , Taiwan , pp. 429 -- 435 , June 2004 .]] W. C. Ku, S. M. Chen, and H. M. Chuang, \"A study of hash-based password authentication schemes without storing verifiers,\" Proc. 14th Information Security Conference, Taiwan, pp. 429--435, June 2004.]]"},{"key":"e_1_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/567331.567335"},{"key":"e_1_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/TCE.2003.1261224"},{"key":"e_1_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1109\/TC.2002.1004593"},{"key":"e_1_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/TCE.2003.1209534"},{"key":"e_1_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/30.920446"},{"key":"e_1_2_1_20_1","first-page":"4","article-title":"Further cryptanalysis of a password authentication scheme with smart cards","volume":"86","author":"Sun H. M.","year":"2003","unstructured":"H. M. Sun and H. T. Yeh , \" Further cryptanalysis of a password authentication scheme with smart cards ,\" IEICE Transactions on Communications , vol. E86 -B, no. 4 , pp. 1412--1415, April 2003 .]] H. M. Sun and H. T. Yeh, \"Further cryptanalysis of a password authentication scheme with smart cards,\" IEICE Transactions on Communications, vol. E86-B, no. 4, pp. 1412--1415, April 2003.]]","journal-title":"IEICE Transactions on Communications"},{"key":"e_1_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1016\/S0167-4048(03)00713-2"},{"key":"e_1_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1016\/S0167-4048(99)80136-9"},{"key":"e_1_2_1_23_1","first-page":"1","article-title":"Security of a remote user authentication scheme using smart cards","volume":"87","author":"Yeh H. T.","year":"2004","unstructured":"H. T. Yeh , H. M. Sun , and B. T. Hsieh , \" Security of a remote user authentication scheme using smart cards ,\" IEICE Transactions on Communications , vol. E87 -B, no. 1 , pp. 192--194, Jan. 2004 .]] H. T. Yeh, H. M. Sun, and B. T. Hsieh, \"Security of a remote user authentication scheme using smart cards,\" IEICE Transactions on Communications, vol. E87-B, no. 1, pp. 192--194, Jan. 2004.]]","journal-title":"IEICE Transactions on Communications"}],"container-title":["ACM SIGOPS Operating Systems Review"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1044552.1044562","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1044552.1044562","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T16:25:06Z","timestamp":1750263906000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1044552.1044562"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2005,1]]},"references-count":23,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2005,1]]}},"alternative-id":["10.1145\/1044552.1044562"],"URL":"https:\/\/doi.org\/10.1145\/1044552.1044562","relation":{},"ISSN":["0163-5980"],"issn-type":[{"type":"print","value":"0163-5980"}],"subject":[],"published":{"date-parts":[[2005,1]]},"assertion":[{"value":"2005-01-01","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}