Comments on the security of the SPAPA strong password

Chris J. Mitchell and Siaw-Lynn Ng

(2007)

Chris J. Mitchell and Siaw-Lynn Ng (2007) Comments on the security of the SPAPA strong password.

Our Full Text Deposits

Full text access: Open

Full Text - 76.25 KB

Links to Copies of this Item Held Elsewhere

Mathematics Departmental Web Page

Abstract

The hash function based Strong Password Authentication Protocol with User Anonymity (SPAPA) was designed to protect users against monitoring by utilising temporary identities instead of true identities. In this letter we show that it is vulnerable to several attacks, including two which allow an adversary to link the activities of a user.

Information about this Version

This is a Published version
This version's date is: 25/08/2007
This item is peer reviewed

Link to this Version

https://repository.royalholloway.ac.uk/items/5ed9aa7a-5833-1fa3-cac6-c53b9b2bc447/1/

Item Type	Monograph (Technical Report)
Title	Comments on the security of the SPAPA strong password
Authors	Mitchell, Chris J. Ng, Siaw-Lynn
Departments	Faculty of Science\Mathematics

Deposited by () on 28-Jun-2010 in Royal Holloway Research Online.Last modified on 14-Dec-2010

Notes

References

[1] K. Mangipudi and R. Katti, \A hash-based strong password au-
thentication protocol with user anonymity," \International Jour-
nal of Network Security", vol 2, no 3, pp. 205{209, May 2006
(http://isrc.nchu.edu.tw/ijns/).

Details

Owner: Unknown user
Collection: Royal Holloway Research Online
Version: 1 (show all)
Status: Live