Preventing Guessing Attacks Using Fingerprint Biometrics
نویسندگان
چکیده
Security protocols involving the use of poorly chosen secrets, usually low-entropy user passwords, are vulnerable to guessing attacks. Here, a penetrator guesses a value in place of the poorly chosen secret and then tries to verify the guess using other information. In this paper we develop a new framework extending strand space theory in the context of these attacks to analyze the effect using fingerprint biometrics in those protocols. In particular, we will prove the efficacy of biometrics in preventing some known forms of guessing attacks which differ in the way the guess is verified. Interestingly, our approach shows a remarkable increase in security of selected protocols, subject to off-line guessing attacks. We illustrate these concepts on some examples.
منابع مشابه
Biometric Authentication of Fingerprint for Banking Users, Using Stream Cipher Algorithm
Providing banking services, especially online banking and electronic payment systems, has always been associated with high concerns about security risks. In this paper, customer authentication for their transactions in electronic banking has been discussed, and a more appropriate way of using biometric fingerprint data, as well as encrypting those data in a different way, has been suggest...
متن کاملDigital Signature Generation using Fingerprint, Password and Smart Card
In a digital signature scheme, the security of the private key is of vital importance. If the private key is ever compromised, it can be used to sign forge documents. The conventional method of secure private key storage is through password-based encryption. However, user-chosen passwords have very low entropy, which may be exploited by an attacker to launch password-guessing attacks. In order ...
متن کاملA Hybrid Authentication Mechanism for Preventing Phishing Attacks on E-banking Systems: The Nigeria Case Study
This paper presents multifactor authentication method for securing access to e-banking systems in Nigeria using fingerprint recognition and SiteKey authentication. Fingerprint authentication is based on the notion of fingerprint individuality; the idea that fingerprint image of an individual is unique and can be used to uniquely identify him/her. SiteKey authentication on the other hand, uses a...
متن کاملSpoof Detection of Fingerprint Biometrics using PHOG Descriptor
Biometrics are used for authentication. It isused to recognize a person based on their unique characteristics. Among several biometrics, Fingerprint is the most widely used and acceptable biometrics. Biometric system has several advantages over traditional methods. But it can be affected by several attacks. In this paper type 1 attack is discussed which is performed at the sensor level. Differe...
متن کاملDetection of PARD Attack on Secure Authentication System Based on Fingerprint Impression
The trustworthy information security mechanisms are required to contend with the rising atrociousness of identity theft in the cyber and electronic society, the biometric like fingerprint authentication can be used to ensure that only the legitimate user can access to intended system. Although the biometric authentication systems are very secured but the biometric systems are also exposed to a ...
متن کامل