Security Weaknesses and Improvements of a Fingerprint-based Remote User Authentication Scheme Using Smart Cards

نویسندگان

  • Hyung-Kyu Yang
  • Young-Hwa An
چکیده

Abstract Recently, many biometrics-based user authentication schemes using smart cards have been proposed to improve the security weaknesses in user authentication system. In 2006, Khan et al.[12] proposed an improved fingerprint-based remote user authentication scheme using smart cards that is achieved mutual authentication between the user and the server, while eliminating the drawback of Lee et al.’s scheme[9]. Later, in 2008, Xu et al.[13] pointed out that Khan et al.’s scheme cannot withstand the parallel session attack and the impersonation attack. In this paper, we also analyze the security weaknesses of Khan et al.'s scheme, and we have shown that Khan et al.’s scheme is still vulnerable to the forgery attack, the off-line password guessing attack, the parallel session attack, and the insider attack. And, we propose the improved scheme to overcome these security weaknesses, while preserving all their merits, even if the secret information stored in the smart card is revealed.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Security Weaknesses of a Biometric-Based Remote User Authentication Scheme Using Smart Cards

To improve the security weaknesses in user authentication system, many biometrics-based user authentication schemes using smart cards have been proposed. Das in 2011, proposed an effective biometric-based remote user authentication scheme using smart cards that can provide strong authentication and mutual authentication, while eliminating the security flaws of Li-Hwang’s scheme. In this paper, ...

متن کامل

Security of the Lin-Lai smart card based user authentication scheme

The remote user authentication scheme of Lin and Lai, that uses a smart card and a fingerprint measurement, is reviewed and shown to possess significant security issues.

متن کامل

Cryptanalysis And Further Improvement Of A Biometric-Based Remote User Authentication Scheme Using Smart Cards

Recently, Li et al. proposed a secure biometric-based remote user authentication scheme using smart cards to withstand the security flaws of Li-Hwang’s efficient biometric-based remote user authentication scheme using smart cards. Li et al.’s scheme is based on biometrics verification, smart card and one-way hash function, and it also uses the random nonce rather than a synchronized clock, and ...

متن کامل

A smart card based remote user authentication scheme

Password based authentication schemes are commonly used to authenticate remote users. Many schemes have been proposed both with and without smart cards but each have its own merits and demerits. This paper analyzes the security of an enhanced Dynamic ID based remote user authentication scheme and shows that the enhanced scheme has major security weaknesses. The paper also presents a new scheme ...

متن کامل

A New Remote User Authentication Scheme Using Smart Cards with Forward Secrecy

Hwang and Li proposed the first remote user authentication scheme using smart cards to solve the problems of Lamport scheme. Unfortunately, Hwang and Li’s scheme has some security weaknesses. First, ChanChang, ShenLinHwang and then Chang-Hwang pointed out some attacks on Hwang – Li’s scheme. This paper presents a new remote user authentication scheme with forward secrecy, which provides forward...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2012