Multi-Factor Authentication Process Using More than One Token with Watermark Security

Part of the Lecture Notes in Electrical Engineering book series (LNEE, volume 235)


Authentication is the process of verifying a user’s credentials when they are requesting services from any secure system. A simple authentication only involves a username and password, which can be easily deciphered. Hacking technologies have become more diversified and advanced, security and authentication have become unable to rely on ID and password-based authentication alone. Single-factor authentication using an ID and password has been found to be vulnerable to malware attacks, replay attacks, offline brute force attacks, key logger trojans, dictionary attacks and shoulder surfing. Adding a strong factor will reduce the chances of the user’s identification from being hacked. This paper proposes a new multifactor authentication scheme, which combines with hard token, password and biometric token with watermark image. Compared with the previous schemes this scheme has higher security in remote authentication and lower communication complexity.


Multi-factor authentication Watermarking Biometric authentication 



I would like to express my heartfelt gratitude to MY PARENTS for their kind support which helps me to put my best effort in completion of this paper.

This research was supported by a research program of Dongseo University’s Ubiquitous Appliance Regional Innovation Center supported by the grants from Ministry of Knowledge Economy of the Korean government and Busan Metropolitan City (No. B0008352). And it also supported by NRF2012 project (grant number: 2012-0008447).


  1. 1.
    Lee JK, Ryu SR (2002) Fingerprint-based remote user authentication scheme using smart cards. Electron Lett 38(12):554–555Google Scholar
  2. 2.
    Kim HS, Lee SW, Yoo KY (2003) ID-based password authentication scheme using smart cards and fingerprints. SIGOPS Oper Syst 37:32–41CrossRefGoogle Scholar
  3. 3.
    Yoon EJ, Yoo KE (2005) Secure fingerprint-based remote user authentication scheme using smartcards. In: Deng X, Ye Y (eds) LNCS, vol 3828. Springer, Heidelberg, pp 405–413Google Scholar
  4. 4.
    Pointcheval D, Zimmer S (2008) Multi-factor authenticated key exchange. ACNS 2008, LNCS, vol 5037. Springer, Heidelberg, pp 277–295Google Scholar
  5. 5.
    Fan CI, Lin YH (2009) Provably secure remote truly three-factor authentication scheme with privacy protection on biometrics. Trans Info Sec 4:933–945CrossRefGoogle Scholar
  6. 6.
    Li CT, Hwang MS (2010) An efficient biometrics-based remote user authentication scheme using smart cards. J Netw Comput Appl 33:1–5CrossRefGoogle Scholar
  7. 7.
    Kim J, Hong S (2011) A method of risk assessment for multi-factor authentication. J Info Pro Sys 7:187–198Google Scholar
  8. 8.
    Lin C-H, Lai Y-Y (2004) A flexible biometrics remote user authentication scheme. Comput Stand Interfaces 27:19–23Google Scholar
  9. 9.
    Yoon E-J, Yoo K-Y (2005) A new efficient fingerprint-based remote user authentication scheme for multimedia systems. KES 05, LNCS, vol 3683. Springer, Heidelberg, pp 332–338Google Scholar
  10. 10.
    OMB M-04-04 (2003) E-authentication guidance for Federal agencies. Dec 16Google Scholar
  11. 11.
    NIST (2006) Special publication 800-63. Electronic authentication guidelineGoogle Scholar
  12. 12.
    IETF RFC 4683 (2006) Internet X.509 public key infrastructure subject identification method (SIM)Google Scholar

Copyright information

© Springer Science+Business Media Dordrecht 2013

Authors and Affiliations

  1. 1.Department of Communication and Information EngineeringDongseo UniversityBusanKorea

Personalised recommendations