A structure iterated by the unbalanced Feistel networks is introduced. It is showed that this structure is provable resistant against linear attack. The main result of this paper is that the upper bound of r-round (r...A structure iterated by the unbalanced Feistel networks is introduced. It is showed that this structure is provable resistant against linear attack. The main result of this paper is that the upper bound of r-round (r≥2m) linear hull probabilities are bounded by q^2 when around function F is bijective and the maximal linear hull probabilities of round function F is q. Application of this structure to block cipher designs brings out the provable security against linear attack with the upper bounds of probabilities.展开更多
In the last couple of years, D-based cryptography has got fruitful achievements. Proxy multi-signature allows a designated person, called a proxy signer, to sign on behalf of two or more original signers. In this pape...In the last couple of years, D-based cryptography has got fruitful achievements. Proxy multi-signature allows a designated person, called a proxy signer, to sign on behalf of two or more original signers. In this paper, we present a general security model for ID-based proxy multi-signature (ID-PMS) schemes. Then, we show how to construct a secure ID-PMS scheme from a secure ID-based signature scheme, and prove that the security of the construction can be reduced to the security of the original ID-based signature scheme.展开更多
Recently, He et al. (Computers and Mathematics with Applications, 2012) proposed an efficient pairing-free certificateless authenticated key agreement (CL-AKA) protocol and claimed their protocol was provably secu...Recently, He et al. (Computers and Mathematics with Applications, 2012) proposed an efficient pairing-free certificateless authenticated key agreement (CL-AKA) protocol and claimed their protocol was provably secure in the extended Canetti-Krawczyk (eCK) model. By giving concrete attacks, we indicate that their protocol is not secure in the eCK model. We propose an improved protocol and show our improvement is secure in the eCK model under the gap DiffieHellman (GDH) assumption. Furthermore, the proposed protocol is very efficient.展开更多
Research on existing radio frequency identification(RFID) authentication protocols security risks, poor performance and other problems, a RFID security authentication protocol based on dynamic identification(ID) a...Research on existing radio frequency identification(RFID) authentication protocols security risks, poor performance and other problems, a RFID security authentication protocol based on dynamic identification(ID) and Key value renewal is proposed. Meanwhile, the security problems based on Hash function RFID security authentication protocol in recent years have been also sorted and analyzed. Then a security model to design and analyze RFID protocols is built. By using the computational complexity, its correctness and security have been proved. Compared with the safety performance, storage overhead, computational overhead and other aspects of other protocols, the protocol for RFID has more efficient performance and ability to withstand various attacks. And the C# programming language is used to simulate the authentication process on the visual studio platform, which verifies the feasibility of the protocol.展开更多
Certificateless public key cryptography (CL-PKC) avoids the inherent escrow of identity-based cryptography and does not require certificates to guarantee the authenticity of public keys. Based on CL-PKC, we present ...Certificateless public key cryptography (CL-PKC) avoids the inherent escrow of identity-based cryptography and does not require certificates to guarantee the authenticity of public keys. Based on CL-PKC, we present an efficient constant-round group key exchange protocol, which is provably secure under the intractability of computation Diffie-Hellman problem. Our protocol is a contributory key exchange with perfect forward secrecy and has only two communication rounds. So it is more efficient than other protocols. Moreover, our protocol provides a method to design efficient constant-round group key exchange protocols and most secret sharing schemes could be adopted to construct our protocol.展开更多
This paper provides theoretical foundations for the secure proxy signatureprimitive. We pres-enta formal model for the security of proxy signature schemes, which defines thecapabilities of the adversary and the securi...This paper provides theoretical foundations for the secure proxy signatureprimitive. We pres-enta formal model for the security of proxy signature schemes, which defines thecapabilities of the adversary and the security goals to capture which mean for a prox-ysignaturescheme to be secure. Then, we present an example of proxy signature scheme that can be proven securein the standard model.展开更多
Identity-based proxy signature enables an entity to delegate its signing rights to another entity in identity-based cryptosystem settings. However, few existing scheme has been proved secure in a formalized model, or ...Identity-based proxy signature enables an entity to delegate its signing rights to another entity in identity-based cryptosystem settings. However, few existing scheme has been proved secure in a formalized model, or acquired optimized performance. To achieve the goals of both proven security and high efficiency, this paper proposed an efficient identity-based proxy signature scheme. The scheme is constructed from bilinear pairing and proved secure in the random oracle model, using the oracle replay attack technique introduced by Pointehval and Stern. The analysis shows that the scheme needs less computation costs and has a shorter signature than the other schemes.展开更多
Provable security has been widely used for analyzing the security of cryptosystems. Its main idea is to reduce the security to some well-defined computational assumption. The reduction process is called the security p...Provable security has been widely used for analyzing the security of cryptosystems. Its main idea is to reduce the security to some well-defined computational assumption. The reduction process is called the security proof. In this paper, we find a flaw in the security proof of BDOP-PEKS and PEKS-STAT, present a new conclusion for the security of BDOP-PEKS, and give a security proof. The flaw in the security proof of PEKS-STAT can be fixed in the same way. Finally we conclude some steps of security proof, and emphasize that the probability is as important as the construction.展开更多
The improved RSA signature scheme can be strictly proved to be equivalent to the factoring problem. In the improved RSA signature scheme, when the public exponent e=1, the scheme becomes the improved Rabin signature. ...The improved RSA signature scheme can be strictly proved to be equivalent to the factoring problem. In the improved RSA signature scheme, when the public exponent e=1, the scheme becomes the improved Rabin signature. Such an improved Rabin signature scheme is reviewed and the techniques from the provable security is applied to analyze its security.展开更多
With the continuous expansion of the Industrial Internet of Things(IIoT),more andmore organisations are placing large amounts of data in the cloud to reduce overheads.However,the channel between cloud servers and smar...With the continuous expansion of the Industrial Internet of Things(IIoT),more andmore organisations are placing large amounts of data in the cloud to reduce overheads.However,the channel between cloud servers and smart equipment is not trustworthy,so the issue of data authenticity needs to be addressed.The SM2 digital signature algorithm can provide an authentication mechanism for data to solve such problems.Unfortunately,it still suffers from the problem of key exposure.In order to address this concern,this study first introduces a key-insulated scheme,SM2-KI-SIGN,based on the SM2 algorithm.This scheme boasts strong key insulation and secure keyupdates.Our scheme uses the elliptic curve algorithm,which is not only more efficient but also more suitable for IIoT-cloud environments.Finally,the security proof of SM2-KI-SIGN is given under the Elliptic Curve Discrete Logarithm(ECDL)assumption in the random oracle.展开更多
In this paper, the security technology of ad hoc networks is studied.To improve the previous multi-receiver signcryption schemes, an ID-based multi-message and multi-receiver signcryption scheme for rekeying in ad hoc...In this paper, the security technology of ad hoc networks is studied.To improve the previous multi-receiver signcryption schemes, an ID-based multi-message and multi-receiver signcryption scheme for rekeying in ad hoc networks is proposed.In this scheme, a sender can simultaneously signcrypt n messeges for n receivers, and a receiver can unsigncrypt the ciphertext to get his message with his own private key.An analysis of this scheme indicates that it achieves authenticity and confidentiality in the random oracle model while being of lower computation and communication overhead.Finally, for the application of our scheme in ad hoc, a threshold key updating protocol for ad hoc networks is given.展开更多
Signcryption is a cryptographic primitive that performs signature and encryption simultaneously, at lower computational costs and communication overheads than the signature-then- encryption approach. In this paper, we...Signcryption is a cryptographic primitive that performs signature and encryption simultaneously, at lower computational costs and communication overheads than the signature-then- encryption approach. In this paper, we propose an efficient multi-recipient signcryption scheme based on the bilinear pairings, which broadcasts a message to multiple users in a secure and authenticated manner. We prove its semantic security and unforgeability under the Gap Diffie-Hellman problem assumption in the random oracle model. The proposed scheme is more efficient than re-signcrypting a message n times using a signcryption scheme in terms of computational costs and communication overheads.展开更多
Identity-based (ID-based) ring signature has drawn great concerns in recent years and many ID-based ring signature schemes have been proposed until now. Unfortunately, all of these ID-based ring signatures are const...Identity-based (ID-based) ring signature has drawn great concerns in recent years and many ID-based ring signature schemes have been proposed until now. Unfortunately, all of these ID-based ring signatures are constructed from bilinear pairings, a powerful but computationally expensive primitive. Hence, ID-based ring signature without pairing is of great interest in the field of cryptography. In this paper, the authors firstly propose an ID-based ring signature scheme based on quadratic residues. The proposed scheme is proved to be existentially unforgeable against adaptive chosen message-and-identity attack under the random oracle model, assuming the hardness of factoring. The proposed scheme is more efficient than those which are constructed from bilinear pairings.展开更多
This paper describes two identity-based broadcast encryption (IBBE) schemes for mobile ad hoc networks. The first scheme proposed achieves sub-linear size cipertexts and the second scheme achieves O(1)- size ciphe...This paper describes two identity-based broadcast encryption (IBBE) schemes for mobile ad hoc networks. The first scheme proposed achieves sub-linear size cipertexts and the second scheme achieves O(1)- size ciphertexts. Furthermore, when the public keys are transmitted, the two schemes have short transmissions and achieve O(1) user storage cost, which are important for a mobile ad hoc network. Finally, the proposed schemes are provable security under the decision generalized bilinear Diffi-Hellman (GBDH) assumption in the random oracles model.展开更多
In this paper,we show how to use the dual techniques in the subgroups to give a secure identity-based broadcast encryption(IBBE) scheme with constant-size ciphertexts. Our scheme achieves the full security(adaptive se...In this paper,we show how to use the dual techniques in the subgroups to give a secure identity-based broadcast encryption(IBBE) scheme with constant-size ciphertexts. Our scheme achieves the full security(adaptive security) under three static(i.e. non q-based) assumptions. It is worth noting that only recently Waters gives a short ciphertext broadcast encryption system that is even adaptively secure under the simple assumptions. One feature of our methodology is that it is relatively simple to leverage our techniques to get adaptive security.展开更多
In this paper, based on the verifiable pair and identity-based threshold cryptography, a novel identity-based (ID-based) threshold decryption scheme (IDTDS) is proposed, which is provably secure against adaptive c...In this paper, based on the verifiable pair and identity-based threshold cryptography, a novel identity-based (ID-based) threshold decryption scheme (IDTDS) is proposed, which is provably secure against adaptive chosen cipbertext attack under the computational bilinear Diffie-Hellman (CBDH) problem assumption in the random oracle. The pubic cheekability of ciphertext in the IDTDS is given by simply creating a signed E1Gamal encryption instead of a noninteractive zero-knowledge proof. Furthermore, we introduce a modified verifiable pairing to ensure all decryption shares are consistent. Our scheme is more efficient in verification than the schemes considered previously.展开更多
Certificateless public key cryptography (CL-PKC) enjoys the advantage of identity based cryptography without suffering from its inherent key escrow problem. In this paper, a new efficient certificateless public key ...Certificateless public key cryptography (CL-PKC) enjoys the advantage of identity based cryptography without suffering from its inherent key escrow problem. In this paper, a new efficient certificateless public key encryption scheme is proposed and its security can reach chosen-ciphertext (CCA2) secure in the random oracle model assuming the CDH and p-BDHI problem are difficult. A comparison shows that the efficiency of the proposed scheme is better than all known paring-based certificateless public key encryption schemes in the random oracle model.展开更多
ID-based public key cryptosystem can be a good alternative for certifieate-based public key setting. This paper provides an efficient ID-based proxy multi signature scheme from pairings. In the random oracle model, we...ID-based public key cryptosystem can be a good alternative for certifieate-based public key setting. This paper provides an efficient ID-based proxy multi signature scheme from pairings. In the random oracle model, we prove that our new scheme is secure against existential delegation forgery with the assumption that Hess's scheme-1 is existential unforgeable, and that our new scheme is secure against existential proxy multi-signature forgery under the hardness assumption of the computational Diffie-Hellman problem.展开更多
Password-based authenticated key exchange(PAKE) protocols are cryptographic primitives which enable two entities,who only share a memorable password,to identify each other and to communicate over a public unreliable n...Password-based authenticated key exchange(PAKE) protocols are cryptographic primitives which enable two entities,who only share a memorable password,to identify each other and to communicate over a public unreliable network with a secure session key.In this paper,we propose a simple,efficient and provably secure PAKE protocol based on Diffie-Hellman key exchange and cryptographic hash function.Our protocol is secure against dictionary attacks.Its security is proved based on the hardness of the computational Diffie-Hellman problem in the random oracle model.展开更多
In 2010,Lee et al proposed two simple and efficient three-party password-authenticated key exchange protocols that had been proven secure in the random oracle model.They argued that the two protocols could resist offl...In 2010,Lee et al proposed two simple and efficient three-party password-authenticated key exchange protocols that had been proven secure in the random oracle model.They argued that the two protocols could resist offline dictionary attacks.Indeed,the provable approach did not provide protection against off-line dictionary attacks.This paper shows that the two protocols are vulnerable to off-line dictionary attacks in the presence of an inside attacker because of an authentication flaw.This study conducts a detailed analysis on the flaw in the protocols and also shows how to eliminate the security flaw.展开更多
基金Supported by the fund of National Laboratory for Modern Communications (5143603ZDS0601),the outstanding youth science foundation of Henan (0312001800).
文摘A structure iterated by the unbalanced Feistel networks is introduced. It is showed that this structure is provable resistant against linear attack. The main result of this paper is that the upper bound of r-round (r≥2m) linear hull probabilities are bounded by q^2 when around function F is bijective and the maximal linear hull probabilities of round function F is q. Application of this structure to block cipher designs brings out the provable security against linear attack with the upper bounds of probabilities.
基金Supported by the National Natural Science Foundation of China (60473021) and the Science Foundation of Henan Province (0511010900)
文摘In the last couple of years, D-based cryptography has got fruitful achievements. Proxy multi-signature allows a designated person, called a proxy signer, to sign on behalf of two or more original signers. In this paper, we present a general security model for ID-based proxy multi-signature (ID-PMS) schemes. Then, we show how to construct a secure ID-PMS scheme from a secure ID-based signature scheme, and prove that the security of the construction can be reduced to the security of the original ID-based signature scheme.
文摘Recently, He et al. (Computers and Mathematics with Applications, 2012) proposed an efficient pairing-free certificateless authenticated key agreement (CL-AKA) protocol and claimed their protocol was provably secure in the extended Canetti-Krawczyk (eCK) model. By giving concrete attacks, we indicate that their protocol is not secure in the eCK model. We propose an improved protocol and show our improvement is secure in the eCK model under the gap DiffieHellman (GDH) assumption. Furthermore, the proposed protocol is very efficient.
基金supported by the National Basic Research Program of China (2015CB453000)
文摘Research on existing radio frequency identification(RFID) authentication protocols security risks, poor performance and other problems, a RFID security authentication protocol based on dynamic identification(ID) and Key value renewal is proposed. Meanwhile, the security problems based on Hash function RFID security authentication protocol in recent years have been also sorted and analyzed. Then a security model to design and analyze RFID protocols is built. By using the computational complexity, its correctness and security have been proved. Compared with the safety performance, storage overhead, computational overhead and other aspects of other protocols, the protocol for RFID has more efficient performance and ability to withstand various attacks. And the C# programming language is used to simulate the authentication process on the visual studio platform, which verifies the feasibility of the protocol.
基金Supported by the National Natural Science Foundation of China (90204012, 60573035, 60573036) and the University IT Research Center Project of Korea
文摘Certificateless public key cryptography (CL-PKC) avoids the inherent escrow of identity-based cryptography and does not require certificates to guarantee the authenticity of public keys. Based on CL-PKC, we present an efficient constant-round group key exchange protocol, which is provably secure under the intractability of computation Diffie-Hellman problem. Our protocol is a contributory key exchange with perfect forward secrecy and has only two communication rounds. So it is more efficient than other protocols. Moreover, our protocol provides a method to design efficient constant-round group key exchange protocols and most secret sharing schemes could be adopted to construct our protocol.
文摘This paper provides theoretical foundations for the secure proxy signatureprimitive. We pres-enta formal model for the security of proxy signature schemes, which defines thecapabilities of the adversary and the security goals to capture which mean for a prox-ysignaturescheme to be secure. Then, we present an example of proxy signature scheme that can be proven securein the standard model.
基金National Natural Science Foundation of Chi-na for Distinguished Young Scholars (No.60225007)National Research Fund for theDoctoral Program of Higher Education ofChina (No.20020248024)Grant-in-Aid forScientific Research(C) (No.14540100)
文摘Identity-based proxy signature enables an entity to delegate its signing rights to another entity in identity-based cryptosystem settings. However, few existing scheme has been proved secure in a formalized model, or acquired optimized performance. To achieve the goals of both proven security and high efficiency, this paper proposed an efficient identity-based proxy signature scheme. The scheme is constructed from bilinear pairing and proved secure in the random oracle model, using the oracle replay attack technique introduced by Pointehval and Stern. The analysis shows that the scheme needs less computation costs and has a shorter signature than the other schemes.
基金Supported by the National Natural Science Foundation of China (60473021)
文摘Provable security has been widely used for analyzing the security of cryptosystems. Its main idea is to reduce the security to some well-defined computational assumption. The reduction process is called the security proof. In this paper, we find a flaw in the security proof of BDOP-PEKS and PEKS-STAT, present a new conclusion for the security of BDOP-PEKS, and give a security proof. The flaw in the security proof of PEKS-STAT can be fixed in the same way. Finally we conclude some steps of security proof, and emphasize that the probability is as important as the construction.
文摘The improved RSA signature scheme can be strictly proved to be equivalent to the factoring problem. In the improved RSA signature scheme, when the public exponent e=1, the scheme becomes the improved Rabin signature. Such an improved Rabin signature scheme is reviewed and the techniques from the provable security is applied to analyze its security.
基金This work was supported in part by the National Natural Science Foundation of China(Nos.62072074,62076054,62027827,62002047)the Sichuan Science and Technology Innovation Platform and Talent Plan(Nos.2020JDJQ0020,2022JDJQ0039)+2 种基金the Sichuan Science and Technology Support Plan(Nos.2020YFSY0010,2022YFQ0045,2022YFS0220,2023YFG0148,2021YFG0131)the YIBIN Science and Technology Support Plan(No.2021CG003)the Medico-Engineering Cooperation Funds from University of Electronic Science and Technology of China(Nos.ZYGX2021YGLH212,ZYGX2022YGRH012).
文摘With the continuous expansion of the Industrial Internet of Things(IIoT),more andmore organisations are placing large amounts of data in the cloud to reduce overheads.However,the channel between cloud servers and smart equipment is not trustworthy,so the issue of data authenticity needs to be addressed.The SM2 digital signature algorithm can provide an authentication mechanism for data to solve such problems.Unfortunately,it still suffers from the problem of key exposure.In order to address this concern,this study first introduces a key-insulated scheme,SM2-KI-SIGN,based on the SM2 algorithm.This scheme boasts strong key insulation and secure keyupdates.Our scheme uses the elliptic curve algorithm,which is not only more efficient but also more suitable for IIoT-cloud environments.Finally,the security proof of SM2-KI-SIGN is given under the Elliptic Curve Discrete Logarithm(ECDL)assumption in the random oracle.
文摘In this paper, the security technology of ad hoc networks is studied.To improve the previous multi-receiver signcryption schemes, an ID-based multi-message and multi-receiver signcryption scheme for rekeying in ad hoc networks is proposed.In this scheme, a sender can simultaneously signcrypt n messeges for n receivers, and a receiver can unsigncrypt the ciphertext to get his message with his own private key.An analysis of this scheme indicates that it achieves authenticity and confidentiality in the random oracle model while being of lower computation and communication overhead.Finally, for the application of our scheme in ad hoc, a threshold key updating protocol for ad hoc networks is given.
基金Supported by the National Natural Science Foundation of China (60473029)
文摘Signcryption is a cryptographic primitive that performs signature and encryption simultaneously, at lower computational costs and communication overheads than the signature-then- encryption approach. In this paper, we propose an efficient multi-recipient signcryption scheme based on the bilinear pairings, which broadcasts a message to multiple users in a secure and authenticated manner. We prove its semantic security and unforgeability under the Gap Diffie-Hellman problem assumption in the random oracle model. The proposed scheme is more efficient than re-signcrypting a message n times using a signcryption scheme in terms of computational costs and communication overheads.
基金Supported by the National High Technology Research and Development Program of China (No. 2006AA01Z428)the National Natural Science Foundation of China ( No. 60673075)
文摘Identity-based (ID-based) ring signature has drawn great concerns in recent years and many ID-based ring signature schemes have been proposed until now. Unfortunately, all of these ID-based ring signatures are constructed from bilinear pairings, a powerful but computationally expensive primitive. Hence, ID-based ring signature without pairing is of great interest in the field of cryptography. In this paper, the authors firstly propose an ID-based ring signature scheme based on quadratic residues. The proposed scheme is proved to be existentially unforgeable against adaptive chosen message-and-identity attack under the random oracle model, assuming the hardness of factoring. The proposed scheme is more efficient than those which are constructed from bilinear pairings.
基金the National Natural Science Foundation of China (Nos. 60673072, 60803149)the National Basic Research Program (973) of China(No. 2007CB311201)
文摘This paper describes two identity-based broadcast encryption (IBBE) schemes for mobile ad hoc networks. The first scheme proposed achieves sub-linear size cipertexts and the second scheme achieves O(1)- size ciphertexts. Furthermore, when the public keys are transmitted, the two schemes have short transmissions and achieve O(1) user storage cost, which are important for a mobile ad hoc network. Finally, the proposed schemes are provable security under the decision generalized bilinear Diffi-Hellman (GBDH) assumption in the random oracles model.
基金supported by the Nature Science Foundation of China under grant 60970119, 60803149the National Basic Research Program of China(973) under grant 2007CB311201
文摘In this paper,we show how to use the dual techniques in the subgroups to give a secure identity-based broadcast encryption(IBBE) scheme with constant-size ciphertexts. Our scheme achieves the full security(adaptive security) under three static(i.e. non q-based) assumptions. It is worth noting that only recently Waters gives a short ciphertext broadcast encryption system that is even adaptively secure under the simple assumptions. One feature of our methodology is that it is relatively simple to leverage our techniques to get adaptive security.
基金Supported by the National Natural Science Foundation of China (60970119, 60803149)the National Basic Research Program of China (973 Program) (2007CB311201)
文摘In this paper, based on the verifiable pair and identity-based threshold cryptography, a novel identity-based (ID-based) threshold decryption scheme (IDTDS) is proposed, which is provably secure against adaptive chosen cipbertext attack under the computational bilinear Diffie-Hellman (CBDH) problem assumption in the random oracle. The pubic cheekability of ciphertext in the IDTDS is given by simply creating a signed E1Gamal encryption instead of a noninteractive zero-knowledge proof. Furthermore, we introduce a modified verifiable pairing to ensure all decryption shares are consistent. Our scheme is more efficient in verification than the schemes considered previously.
基金Supported by the National Natural Science Foundation of China (60673070)the Natural Science Foundation of Jiangsu Province,China (BK2006217)
文摘Certificateless public key cryptography (CL-PKC) enjoys the advantage of identity based cryptography without suffering from its inherent key escrow problem. In this paper, a new efficient certificateless public key encryption scheme is proposed and its security can reach chosen-ciphertext (CCA2) secure in the random oracle model assuming the CDH and p-BDHI problem are difficult. A comparison shows that the efficiency of the proposed scheme is better than all known paring-based certificateless public key encryption schemes in the random oracle model.
基金Supported bythe National Key Basic Research andDevelopment Program (973 Program G1999035804),the NationalNatural Science Foundation of China (90204015 ,60473021) and theElitist Youth Foundation of Henan Province (021201400)
文摘ID-based public key cryptosystem can be a good alternative for certifieate-based public key setting. This paper provides an efficient ID-based proxy multi signature scheme from pairings. In the random oracle model, we prove that our new scheme is secure against existential delegation forgery with the assumption that Hess's scheme-1 is existential unforgeable, and that our new scheme is secure against existential proxy multi-signature forgery under the hardness assumption of the computational Diffie-Hellman problem.
基金the National Natural Science Foundation of China(Nos.60703094 and 61070217)
文摘Password-based authenticated key exchange(PAKE) protocols are cryptographic primitives which enable two entities,who only share a memorable password,to identify each other and to communicate over a public unreliable network with a secure session key.In this paper,we propose a simple,efficient and provably secure PAKE protocol based on Diffie-Hellman key exchange and cryptographic hash function.Our protocol is secure against dictionary attacks.Its security is proved based on the hardness of the computational Diffie-Hellman problem in the random oracle model.
基金Supported by the Natural Science Foundation of Jiangsu Province (Key Program) (BK2011023)
文摘In 2010,Lee et al proposed two simple and efficient three-party password-authenticated key exchange protocols that had been proven secure in the random oracle model.They argued that the two protocols could resist offline dictionary attacks.Indeed,the provable approach did not provide protection against off-line dictionary attacks.This paper shows that the two protocols are vulnerable to off-line dictionary attacks in the presence of an inside attacker because of an authentication flaw.This study conducts a detailed analysis on the flaw in the protocols and also shows how to eliminate the security flaw.
