Chris J. Mitchell and Siaw-Lynn Ng (2007) Comments on the security of the SPAPA strong password.
Full text access: Open
The hash function based Strong Password Authentication Protocol with User Anonymity (SPAPA) was designed to protect users against monitoring by utilising temporary identities instead of true identities. In this letter we show that it is vulnerable to several attacks, including two which allow an adversary to link the activities of a user.
This is a Published version This version's date is: 25/08/2007 This item is peer reviewed
https://repository.royalholloway.ac.uk/items/5ed9aa7a-5833-1fa3-cac6-c53b9b2bc447/1/
Deposited by () on 28-Jun-2010 in Royal Holloway Research Online.Last modified on 14-Dec-2010
[1] K. Mangipudi and R. Katti, \A hash-based strong password au-thentication protocol with user anonymity," \International Jour-nal of Network Security", vol 2, no 3, pp. 205{209, May 2006(http://isrc.nchu.edu.tw/ijns/).