INFORMATICA

Informatica

0868-4952 0868-4952

INF12208

10.3233/INF-2001-12208

Research article

An Improvement of SPLICE/AS in WIDE against Guessing Attack

Hwang

Min-Shiang

mshwang@mail.cyut.edu.tw Lee

Cheng-Chi

Tang

Yuan-Liang

Department of Information Management, Chaoyang University of Technology, 168, Gifeng E. Rd., Wufeng, Taichung County, Taiwan 413, R.O.C.

01 01 2001

12 2 297 302 01 04 2000

Yamaguchi, Okayama, and Miyahara proposed a simple but efficient authentication system, SPLICE/AS. In this article, we show that their method is vulnerable to the guessing attack. An attacker can obtain the password, private-key, and public-key of the user. To overcome the vulnerability of SPLICE/AS to the guessing attack, we propose an improvement of their system. In our scheme, we not only prevent the guessing attack to obtain secret messages but also enhance the security of the SPLICE/AS authentication system in WIDE.

Keywords authentication private key public key password internet guessing attack security