As anonymity increasingly becomes a necessary and legitimate aim in many applications, a number of anonymous authentication schemes have been suggested over the years. Among the many schemes is Lee and Kwon's password-based authentication scheme for wireless environments. Compared with previous schemes, Lee and Kwon's scheme not only improves anonymity by employing random temporary IDs but also provides user-friendliness by allowing human-memorable passwords. In this letter, we point out that Lee and Kwon's scheme, despite its many merits, is vulnerable to off-line password guessing attacks and a forgery attack. In addition, we show how to eliminate these vulnerabilities.

Abdalla et al. proposed a gateway-oriented password-based authenticated key exchange (GPAKE) protocol among a client, a gateway, and an authentication server, where a password is only shared between the client and the authentication server. The goal of their scheme is to securely establish a session key between the client and the gateway by the help of the authentication server without revealing any information on the password to the gateway. Recently, Byun et al. showed that Abdalla et al.'s GPAKE is insecure against undetectable on-line password guessing attacks. They also proposed a modified version to overcome the attacks. In this letter, we point out that Byun et al.'s modified GPAKE protocol is still insecure against the same attacks. We then make a suggestion for improvement.

Recently, Wu-Chieu proposed an improvement to their original scheme, in order to make the scheme withstand impersonation attacks. However, the improved scheme is susceptible to an off-line password guessing attack and is inefficiently designed. Accordingly, the current letter demonstrates the vulnerability of Wu-Chieu's modified scheme to an off-line password guessing attack and evaluates the efficiency of their schemes and related schemes.

In 2002, Hwang and Yeh showed that Peyravian-Zunic's password authentication schemes are not secure and proposed an improvement by using the server public key. Since applying the server public key results in the additional burden, we propose secure password authentication schemes without using the server public key in this paper.