A ROBUST AND FLEXIBLE BIOMETRICS REMOTE USER AUTHENTICATION SCHEME

被引：0

作者：

Yoon, Eun-Jun ^{[2
]}

Yoo, Kee-Young ^{[1
]}

机构：

[1] Kyungpook Natl Univ, Dept Comp Engn, Taegu 702701, South Korea

[2] Kyungil Univ, Dept Cyber Secur, Kyungsan Si 712701, Kyungsangpuk Do, South Korea

来源：

INTERNATIONAL JOURNAL OF INNOVATIVE COMPUTING INFORMATION AND CONTROL | 2012年 / 8卷 / 5A期

基金：

新加坡国家研究基金会;

关键词：

Information theory and applications; Cryptography; Biometrics; User authentication; Smart card; Impersonation attack; KEY EXCHANGE PROTOCOL; EFFICIENT; SECURITY; CRYPTANALYSIS; IMPROVEMENT;

D O I：

暂无

中图分类号：

TP18 [人工智能理论];

学科分类号：

081104 ; 0812 ; 0835 ; 1405 ;

摘要：

Biometric-based authentication systems are widely deployed for person identification. Recently, an improved scheme for flexible biometrics remote user authentication was proposed by Khan and Zhang. In this paper, we demonstrate that Khan-Zhang's scheme is still vulnerable to the following two attacks: (1) It is insecure to parallel session attack in which an adversary without knowing a legal user's password and biometrics information can masquerade as the legal user by somehow crafting a valid login message from eavesdropped communications between the user and the remote system; (2) It is insecure to privileged insider's attack since a legal user's password can be easily revealed to the insider attacker of the remote system. Moreover, we figure out how to eliminate the security vulnerabilities of Khan-Zhang's scheme. Compared with Khan-Zhang's scheme, the proposed scheme is more efficient and holds stronger security.

引用

页码：3173 / 3188

页数：16

共 50 条

[1] A flexible biometrics remote user authentication scheme
Lin, CH
Lai, YY
[J]. COMPUTER STANDARDS & INTERFACES, 2004, 27 (01) : 19 - 23
[2] Improving the security of 'a flexible biometrics remote user authentication scheme'
Khan, Muhammad Khurram
Zhang, Jiashu
[J]. COMPUTER STANDARDS & INTERFACES, 2007, 29 (01) : 82 - 85
[3] Robust remote user authentication scheme
Yoon, EJ
Ryu, EK
Yoo, KY
[J]. INFORMATION NETWORKING: NETWORKING TECHNOLOGIES FOR BROADBAND AND MOBILE NETWORKS, 2004, 3090 : 935 - 942
[4] Robust biometrics based three-factor remote user authentication scheme with key agreement
Li, Xiong
Niu, Jianwei
Khan, Muhammad Khurram
Liao, Junguo
[J]. 2013 INTERNATIONAL SYMPOSIUM ON BIOMETRICS AND SECURITY TECHNOLOGIES (ISBAST), 2013, : 105 - 110
[5] Remote User Authentication Scheme A comparative analysis and improved behavioral biometrics based authentication scheme
Kumar, Pramod
Rauthan, Manmohan Singh
[J]. 2016 INTERNATIONAL CONFERENCE ON MICRO-ELECTRONICS AND TELECOMMUNICATION ENGINEERING (ICMETE), 2016, : 311 - 313
[6] An Improved Biometrics-Based Remote User Authentication Scheme with User Anonymity
Khan, Muhammad Khurram
Kumari, Saru
[J]. BIOMED RESEARCH INTERNATIONAL, 2013, 2013
[7] A lightweight biometrics based remote user authentication scheme for IoT services
Dhillon, Parwinder Kaur
Kalra, Sheetal
[J]. JOURNAL OF INFORMATION SECURITY AND APPLICATIONS, 2017, 34 : 255 - 270
[8] On the security of Yoon and Yoo's biometrics remote user authentication scheme
[J]. Liu, Ming, 1600, World Scientific and Engineering Academy and Society, Ag. Ioannou Theologou 17-23, Zographou, Athens, 15773, Greece (11):
[9] Remote Biometrics for Robust Persistent Authentication
Ingwar, Mads I.
Jensen, Christian D.
[J]. DATA PRIVACY MANAGEMENT AND AUTONOMOUS SPONTANEOUS SECURITY, DPM 2013, 2014, 8247 : 250 - 267
[10] An anonymous and efficient remote biometrics user authentication scheme in a multi server environment
Peng JIANG
Qiaoyan WEN
Wenmin LI
Zhengping JIN
Hua ZHANG
[J]. Frontiers of Computer Science, 2015, 9 (01) - 156

← 1 2 3 4 5 →