Security protocols for biometrics-based cardholder authentication in smartcards
نویسندگان
چکیده
The use of biometrics, and fingerprint recognition in particular, for cardholder authentication in smartcard systems is growing in popularity, and such systems are the focus of this paper. In such a biometrics-based cardholder authentication system, sensitive data will typically need to be transferred between the smartcard and the card reader. We propose strategies to ensure integrity of the sensitive data exchanged between the smartcard and the card reader during authentication of the cardholder to the card, and also to provide mutual authentication between card and reader. We examine two possible types of attacks: replay attacks and active attacks in which an attacker is able to calculate hashes and modify messages accordingly.
منابع مشابه
On the Rila-Mitchell Security Protocols for Biometrics-Based Cardholder Authentication in Smartcards
متن کامل
Security Analysis of Smartcard to Card Reader Communications for Biometric Cardholder Authentication
The use of biometrics, and fingerprint recognition in particular, for cardholder authentication in smartcard systems is growing in popularity. In such a biometrics-based cardholder authentication system, sensitive data may be transferred between the smartcard and the card reader. In this paper we identify and classify possible threats to the communications link between card and card reader duri...
متن کاملUSENIX Association Proceedings of the 5 th Smart Card Research and Advanced Application
The use of biometrics, and fingerprint recognition in particular, for cardholder authentication in smartcard systems is growing in popularity. In such a biometrics-based cardholder authentication system, sensitive data may be transferred between the smartcard and the card reader. In this paper we identify and classify possible threats to the communications link between card and card reader duri...
متن کاملBiometrics to Enhance Smartcard Security
A novel protocol is proposed to address the problem of user authentication to smartcards using devices that are currently inexpensive. The protocol emulates expensive Match On Card (MOC) smartcards, which can compute a biometric match, by cheap Template on Card (TOC) smartcards, which only store a biometric template. The actual match is delegated to an extension of the cryptographic module runn...
متن کاملA Smartcard Fault - tolerant Authentication Server
In this paper we present a fault-tolerant and intrusion-tolerant authentication server. This server is composed of several sites, each one managed by a different security administrator. We describe the registration and authentication protocols based on smartcards. Those protocols have been implemented by using Bull CP8 MP smartcards. We show how to make them secure in spite of possible failures...
متن کامل