In a recent paper, Chang et al. proposed an authentication scheme for E-coupon systems and proved that their scheme can prevent a range of attacks. In this paper, we reanalyze the Chang et al.’ scheme and demonstrate that it cannot resist off-line password attack, masquerading shop attack and masquerading customer attack. Moreover, it cannot achieve two security properties that is anonymity and traceability. Meanwhile, Lee proposed an efficient chaotic maps-based authentication and key agreement scheme using smartcards for telecare medicine information systems. In the scheme, we find it also cannot resist off-line password attack, masquerading attack. Unfortunately, it resists an deadly error. So the scheme cannot run.
