Recently, Lin, Hwang, and Li proposed an efficient remote authentication scheme using smart cards for multi-server architecture based on the geometric property of the Euclidean plane. Herein, we show that their scheme is vulnerable to two forgery attacks and a password-guessing attack, and is not easily repairable. Furthermore, their scheme lacks a proper user eviction mechanism.

In 2000, Sandirigama, Shimizu, and Noda proposed a simple password authentication scheme, SAS. However, SAS was later found to be flawed. Recently, Chen, Lee, Horng proposed two SAS-like schemes, which were claimed to be more secure than similar schemes. Herein, we show that both their schemes are still vulnerable to denial-of-service attacks. Additionally, Chen-Lee-Horng's second scheme is not easily reparable.

Recently, Juang proposed an efficient password authenticated key agreement scheme using smart cards for the multi-server architecture. Juang's scheme was intended to provide mutual authentication and session key agreement. Herein, we show that Juang's scheme is vulnerable to a privileged insider's attack and is not easily reparable. Furthermore, it does not provide forward secrecy and the user eviction mechanism.