Abstract
In 2011, Lee et al. proposed an improved Li-Hwang’s biometrics-based remote user authentication scheme, and claimed that does not only provide session key establishment and mutual authentication but also withstand various attacks. In this paper, we analyze the security of Lee et al.’s scheme and we show that Lee et al.’s scheme is still insecure against the various attacks. Also, we propose an improved scheme that can remove these security flaws of Lee et al.’s scheme and provide session key agreement, even if the secret information stored in the smart card is revealed. As a result of security analysis, the improved scheme is relatively more secure than the related authentication schemes in terms of the security.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Das, M.L., Sxena, A., Gulathi, V.P.: A Dynamic ID-based Remote User Authentication Scheme. IEEE Transactions on Consumer Electronics 50(2), 629–631 (2004)
Lin, C.W., Tsai, C.S., Hwang, M.S.: A New Strong-Password Authentication Scheme Using One-Way Hash Functions. Journal of Computer and Systems Sciences International 45(4), 623–626 (2006)
Bindu, C.S., Reddy, P.C.S., Satyanarayana, B.: Improved Remote User Authentication Scheme Preserving User Anonymity. International Journal of Computer Science and Network Security 8(3), 62–66 (2008)
Awasthi, A.K., Srivastava, K., Mittal, R.C.: An Improved Timestamp-based Remote User Authentication Scheme. Computer and Electrical Engineering 37, 869–874 (2011)
Khan, M.K., Zhang, J.: An Efficient and Practical Fingerprint-Based Remote User Authentication Scheme with Smart Cards. In: Chen, K., Deng, R., Lai, X., Zhou, J. (eds.) ISPEC 2006. LNCS, vol. 3903, pp. 260–268. Springer, Heidelberg (2006)
Li, C.T., Hwang, M.S.: An Efficient Biometrics-based Remote User Authentication Scheme Using Smart Cards. Journal of Network and Computer Applications 33, 1–5 (2010)
Das, A.K.: Analysis and Improvement on an Efficient Biometric-based Remote User Authentication Scheme Using Smart Cards. IET Information Security 5(3), 541–552 (2011)
Lee, C.C., Chang, R.X., Chen, L.A.: Improvement of Li-Hwang’s Biometrics-based User Authentication Scheme Using Smart Cards. WSEAS Transactions on Communications 10(7), 193–200 (2011)
Kocher, P., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)
Messerges, T.S., Dabbish, E.A., Sloan, R.H.: Examining Smart-Card Security under the Threat of Power Analysis Attacks. IEEE Transactions on Computers 51(5), 541–552 (2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
An, Y. (2012). Improved Biometrics-Based Remote User Authentication Scheme with Session Key Agreement. In: Kim, Th., Cho, Hs., Gervasi, O., Yau, S.S. (eds) Computer Applications for Graphics, Grid Computing, and Industrial Environment. CGAG GDC IESH 2012 2012 2012. Communications in Computer and Information Science, vol 351. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35600-1_46
Download citation
DOI: https://doi.org/10.1007/978-3-642-35600-1_46
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-35599-8
Online ISBN: 978-3-642-35600-1
eBook Packages: Computer ScienceComputer Science (R0)