Smart Card Based AKE Protocol Using Biometric Information in Pervasive Computing Environments

  • Wansuck Yi
  • Seungjoo Kim
  • Dongho Won
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5593)

Abstract

Smart card based authenticated key exchange allows a user with smartcards and the server to authenticate each other and to agree on a session key which can be used for confidentiality or data integrity. In the paper, we propose a two-round smart card based AKE (Authenticated Key Exchange) protocol using biometric information which provides mutual authentication but only requires symmetric cryptographic operations. This paper proposes a new protocol which is best suitable in pervasive computing environments thus providing efficiency in number of rounds, forward secrecy and security against known-key attack.

Keywords

smart card authentication key exchange biometrics forward secrecy known-key secrecy pervasive computing 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Awashti, A.K.: Comment on a dynamic ID-based remote user authentication scheme. Transactions on Cryptology 1(2), 15–16 (2004)Google Scholar
  2. 2.
    Chien, H.Y., Chen, C.H.: A remote authentication scheme preserving user anonymity. In: Intl. Conf. on AINA 2005, vol. 2, pp. 245–248 (March 2005)Google Scholar
  3. 3.
    Chang, C.C., Hwang, K.F.: Some forgery attacks on a remote user authentication scheme using smart cards. Informatics 14(3), 289–294 (2003)MathSciNetMATHGoogle Scholar
  4. 4.
    Das, M.L., Saxena, A., Gulati, V.P.: A dynamic ID-based remote user authentication scheme. IEEE Transactions on Consumer Electronics 50(2), 629–631 (2004)CrossRefGoogle Scholar
  5. 5.
    Fan, C.I., Chan, Y.C., Zhang, Z.K.: Robust remote authentication scheme with smart cards. Computers & Security 24(8), 619–628 (2005)CrossRefGoogle Scholar
  6. 6.
    El Gamal, T.: A public-key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory 31(4), 469–472 (1985)MathSciNetCrossRefGoogle Scholar
  7. 7.
    Hsu, C.L.: Security of Chien et al.’s remote user authentication scheme using smart cards. Computer Standards and Interfaces 26(3), 167–169 (2004)CrossRefGoogle Scholar
  8. 8.
    Hwang, M.S., Li, L.H.: A new remote user authentication scheme using smart cards. IEEE Transactions on Consumer Electronics 46(1), 28–30 (2000)CrossRefGoogle Scholar
  9. 9.
    Kumar, M.: New remote user authentication scheme using smart cards. IEEE Transactions on Consumer Electronics 50(2), 597–600 (2004)CrossRefGoogle Scholar
  10. 10.
    Ku, W.C., Chang, S.T.: Impersonation attack on a dynamic ID-based remote user authentication scheme using smart cards. IEICE Transactions on Communication E88-B(5), 2165–2167 (2005)CrossRefGoogle Scholar
  11. 11.
    Ku, W.C., Chang, S.T., Chiang, M.H.: Further cryptanalysis of fingerprint based remote user authentication scheme using smart cards. IEE Electronics Letters 41(5) (2005)Google Scholar
  12. 12.
    Khan, M.K., Zhang, J.: Improving the security of a exible biometrics remote user authentication scheme. Computer Standards & Interfaces 29(1), 82–85 (2007)CrossRefGoogle Scholar
  13. 13.
    Lamport, L.: Password authentication with insecure communication. Communications of the ACM 24(11), 770–772 (1981)MathSciNetCrossRefGoogle Scholar
  14. 14.
    Leung, K.C., Cheng, L.M., Fong, A.S., Chan, C.K.: Cryptanalysis of a modified remote user authentication scheme using smart cards. IEEE Transactions on Consumer Electronics 49(4), 1243–1245 (2003)CrossRefGoogle Scholar
  15. 15.
    Lee, C.C., Hwang, M.S., Yang, W.P.: A flexible remote user authentication scheme using smart cards. ACM Operating Systems Review 36(3), 46–52 (2002)CrossRefGoogle Scholar
  16. 16.
    Lin, C.H., Lai, Y.Y.: A flexible biometrics remote user authentication scheme. Computer Standard and Interfaces 27(1), 19–23 (2004)CrossRefGoogle Scholar
  17. 17.
    Lee, J.K., Ryu, S.R., Yoo, K.Y.: Fingerprint-based remote user authentication scheme using smart cards. IEE Electronics Letters 38(12), 554–555 (2002)CrossRefGoogle Scholar
  18. 18.
    Sun, H.M.: An efficient remote user authentication scheme using smart cards. IEEE Transactions on Consumer Electronics 46(4), 958–961 (2000)CrossRefGoogle Scholar
  19. 19.
    Shen, J.J., Lin, C.W., Hwang, M.S.: A modified remote user authentication scheme using smart cards. IEEE Transactions on Consumer Electronics 49(2), 414–416 (2003)CrossRefGoogle Scholar
  20. 20.
    Sun, H.M., Yeh, H.T.: Further cryptanalysis of a password authentication scheme with smart cards. IEICE Transactions and Communications E86-B (4), 1412–1415 (2003)Google Scholar
  21. 21.
    Wang, S.J., Chang, J.F.: Smart card based secure password authentication scheme. Computers & Security 15(3), 231–237 (1996)CrossRefGoogle Scholar
  22. 22.
    Yoon, E.J., Ryu, E.K., Yoo, K.Y.: An improvement of Hwang-Lee-Tang’s simple remote user authentication scheme. Computers & Security 24, 50–56 (2005)CrossRefGoogle Scholar
  23. 23.
    Yang, W.H., Shieh, S.P.: Password authentication schemes with smart cards. Computers & Security 18(8), 727–733 (1999)CrossRefGoogle Scholar
  24. 24.
    Yoon, E.J., Yoo, K.Y.: Biometrics Authenticated Key Agreement Scheme. In: Etzion, O., Kuflik, T., Motro, A. (eds.) NGITS 2006. LNCS, vol. 4032, pp. 345–349. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  25. 25.
    Yang, C.C., Yang, H.W., Wang, R.C.: Cryptanalysis of security enhancement for the timestamp-based password authentication scheme using smart cards. IEEE Transactions on Consumer Electronics 50(2), 578–579 (2004)CrossRefGoogle Scholar
  26. 26.
    ElGamal, T.: A Public-Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms. IEEE Transactions on Information Theory IT-31(4), 469–472 (1985)MathSciNetCrossRefMATHGoogle Scholar
  27. 27.
    Guthery, S.B., Jurgensen, T.M.: SmartCard Developer’s Kit. Macmillan Technical Publishing (1998) ISBN 1–57870–027–2 Google Scholar
  28. 28.
    Rankl, W., Effing, W.: Smart Card Handbook. John Wiley & Sons, Chichester (1997)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Wansuck Yi
    • 1
  • Seungjoo Kim
    • 1
  • Dongho Won
    • 1
  1. 1.Information Security Group, School of Information and Communication EngineeringSungkyunkwan UniversitySuwon-siKorea

Personalised recommendations