Recently, Sandirigarna et al. have proposed an authentication scheme by the name of SAS and claimed that it has lowest storage, processing, and transmission overhead. In 2001, Lin et al. showed that the protocol is insecure and proposed an optimal strong-password authentication protocol called the OSPA protocol. However, Chen and Ku pointed out that both SAS and OSPA are vulnerable to the stolen-verifier attack in 2002. Later, Lin, Shen and Hwang proposed a modified OSPA protocol to repair the security Law of OSPA protocol. In this paper, we shall propose a new strong-password authentication protocol that not only can withstand many possible attacks including the stolen-verifier attack, but also efficient than the modified OSPA protocol.
展开▼