Attack and Improvement on the One-Time Password Authentication Protocol Against Theft Attacks

Recently, Tsuji and Shimizu proposed a one-time password authentication protocol against replay and theft attacks. Unfortunately, in this paper, we show that their scheme is insecure under the modification attack. We propose an improvement scheme to enhance the security of the one-time password authentication protocol.