Abstract
In a multi-server environment, authentication scheme must achieve a high level of security. Recently, many researchers combine user’s biometrics password with smart card to ensure high security of authentication mechanism. Chuang and Chen proposed a classic authentication scheme using smart card together with password and biometrics, and it supports some security properties. However, we analyze this classic scheme and demonstrate this scheme cannot resist some security attacks. Then we propose an enhanced scheme using smart card and biometrics. Finally, we give security proofs of our scheme.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Liao, Y.P., Wang, S.S.: A secure dynamic ID based remote user authentication scheme for multi-server environment. Comput. Stand. Interfaces 31, 24–29 (2009)
Lamport, L.: Password authentication with insecure communication. Commun. ACM 24, 770–772 (1981)
Jeon, W., Kim, J., Nam, J., Lee, Y., Won, D.: An enhanced secure authentication scheme with anonymity for wireless environments. IEICE Trans. Commun. 95, 2505–2508 (2012)
Nam, J., Choo, K., Kim, J., Kang, H., Kim, J., Paik, J., Won, D.: Password-only authenticated three-party key exchange with provable security in the standard model. Sci. World J. (2014)
Kim, J., Lee, D., Jeon, W., Lee, Y., Won, D.: Security analysis and improvements of two-factor mutual authentication with key agreement in wireless sensor networks. Sensors 14, 6443–6462 (2014)
Guo, C., Chang, C.: Chaotic maps-based password authenticated key agreement using smart cards. Commun. Nonlinear Sci. Numer. Simul. 18, 1433–1440 (2013)
Hao, X., Wang, J., Yang, Q., Yan, X., Li, P.: A chaotic map-based authentication scheme for telecare medicine information systems. J. Med. Syst. (2013)
Jiang, Q., Ma, J., Lu, X., Tian, Y.: Robust chaotic map-based authentication and key agreement scheme with strong anonymity for telecare medicine information systems. J. Med. Syst. 38, 12 (2014)
Lin, H.: Improved chaotic maps-based password-authenticated key agreement using smart cards. Commun. Nonlinear Sci. Numer. Simul. 20, 482–488 (2015)
Li, C.-T., Hwang, M.-S.: An efficient biometrics-based remote user authentication scheme using smart cards. J. Netw. Comput. Appl. 33, 1–5 (2010)
Li, X., Niu, J.W., Ma, J., Wang, W.D., Liu, C.L.: Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart cards. J. Netw. Comput. Appl. 34, 73–79 (2011)
Choi, Y., Nam, J., Lee, D., Kim, J., Jung, J., Won, D.: Security enhanced anonymous multiserver authenticated key agreement scheme using smart cards and biometrics. Sci. World J. 15 (2015)
Chang, C.C., Lee, J.S.: An efficient and secure multi-server password authentication scheme using smart cards. Comput. Commun. 32 (2009)
Khan, M.K., Zhang, J.: An efficient and practical fingerprint based remote user authentication scheme with smart cards. Inf. Secur. Pract. Exp. (2006)
Ku, W.C., Chang, S.T., Chiang, M.H.: Further cryptanalysis of fingerprint-based remote user authentication scheme using smartcards. Electron. Lett. 41, 240–241 (2005)
Yang, D., Yang, B.: A biometric password-based multi-server authentication scheme with smart card. In: Proceedings of the International Conference on Computer Design and Applications (ICCDA 2010), vol. 5 (2010)
Yoon, E.J., Yoo, K.Y.: Robust biometrics-based multi-server authentication with key agreement scheme for smart cards on elliptic curve cryptosystem. J. Super Comput. 63, 235–255 (2013)
Chuang, M.C., Chen, M.C.: An anonymous multi-server authenticated key agreement scheme based on trust computing using smart cards and biometrics. Expert Syst. Appl. 41, 1411–1418 (2015)
Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: 19th Annual International Cryptology Conference, vol. 1666, no. 16, pp. 388–397 (1999)
Messerges, T.S., Dabbish, E.A., Sloan, R.H.: Examining smart-card security under the threat of power analysis attacks. IEEE Trans. Comput. 51(5), 541–552 (2002)
Lin, H., Wen, F.T., Du, C.X.: An improved anonymous multi-server authenticated key agreement scheme using smart cards and biometrics. Wirel. Pers. Commun. 84, 2351–2362 (2015)
Lin, H., Wen, F.T., Du, C.X.: An anonymous and secure authentication and key agreement scheme for session initiation protocol. Multimed. Tools Appl. 76, 2315–2319 (2016)
Reddy, A.G., Yoon, E.-J., Das, A.K.: An enhanced anonymous two-factor mutual authentication with key-agreement scheme for session initiation protocol. In: SIN 2016. ACM, 20–22 July 2016
Moon, J., Yu, J., Yang, H.: Improvement of biometrics and smart cards-based authentication scheme for multi-server environments. In: IMCOM 2016. ACM, 04–06 January 2016
Wang, X.A.: A privacy-preserving fuzzy interest matching protocol for friends finding in social networks. Soft Comput. 22(8), 2517–2526 (2018)
Alsumayt, A., Haggerty, J., Lotfi, A.: Using trust to detect denial of service attacks in the internet of things over MANETs. Int. J. Space-Based Situat. Comput. (IJSSC) 7, 43–56 (2017)
Tan, L., Chen, Y., Yang, M., Hu, J., Lian, J.: Connecting priority algorithm for node deployment in directional sensor networks. Int. J. Grid Utility Comput. (IJGUC) 8, 29–37 (2018)
Acknowledgements
The work in this paper is supported by the Natural Science Foundation of Shaanxi Province (No: 2016JQ6030).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Haiyan, X., Lifang, W. (2019). An Enhanced Smart Card and Biometrics-Based Authentication Scheme in Multi-server Environment. In: Barolli, L., Javaid, N., Ikeda, M., Takizawa, M. (eds) Complex, Intelligent, and Software Intensive Systems. CISIS 2018. Advances in Intelligent Systems and Computing, vol 772. Springer, Cham. https://doi.org/10.1007/978-3-319-93659-8_70
Download citation
DOI: https://doi.org/10.1007/978-3-319-93659-8_70
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-93658-1
Online ISBN: 978-3-319-93659-8
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)