Security analysis and enhancements of an improved multi-factor biometric authentication scheme
Many remote user authentication schemes have been designed and developed to establish secure and authorized communication between a user and server over an insecure channel. By employing a secure remote user authentication scheme, a user and server can authenticate each other and utilize advanced se...
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Hindawi - SAGE Publishing
2017-08-01
|
| Series: | International Journal of Distributed Sensor Networks |
| Online Access: | https://doi.org/10.1177/1550147717724308 |
| _version_ | 1797763964443033600 |
|---|---|
| author | YoHan Park KiSung Park KyungKeun Lee Hwangjun Song YoungHo Park |
| author_facet | YoHan Park KiSung Park KyungKeun Lee Hwangjun Song YoungHo Park |
| author_sort | YoHan Park |
| collection | DOAJ |
| description | Many remote user authentication schemes have been designed and developed to establish secure and authorized communication between a user and server over an insecure channel. By employing a secure remote user authentication scheme, a user and server can authenticate each other and utilize advanced services. In 2015, Cao and Ge demonstrated that An’s scheme is also vulnerable to several attacks and does not provide user anonymity. They also proposed an improved multi-factor biometric authentication scheme. However, we review and cryptanalyze Cao and Ge’s scheme and demonstrate that their scheme fails in correctness and providing user anonymity and is vulnerable to ID guessing attack and server masquerading attack. To overcome these drawbacks, we propose a security-improved authentication scheme that provides a dynamic ID mechanism and better security functionalities. Then, we show that our proposed scheme is secure against various attacks and prove the security of the proposed scheme using BAN Logic. |
| first_indexed | 2024-03-12T19:48:55Z |
| format | Article |
| id | doaj.art-345b7f759a7741e5a74fcc0892ff6020 |
| institution | Directory Open Access Journal |
| issn | 1550-1477 |
| language | English |
| last_indexed | 2024-03-12T19:48:55Z |
| publishDate | 2017-08-01 |
| publisher | Hindawi - SAGE Publishing |
| record_format | Article |
| series | International Journal of Distributed Sensor Networks |
| spelling | doaj.art-345b7f759a7741e5a74fcc0892ff60202023-08-02T03:19:13ZengHindawi - SAGE PublishingInternational Journal of Distributed Sensor Networks1550-14772017-08-011310.1177/1550147717724308Security analysis and enhancements of an improved multi-factor biometric authentication schemeYoHan Park0KiSung Park1KyungKeun Lee2Hwangjun Song3YoungHo Park4Division of IT Convergence, Korea Nazarene University, Korea, RepublicSchool of Electronics Engineering, Kyungpook National University, Daegu, Korea, RepublicMobile Division, Samsung Electronics, Korea, RepublicDepartment of Computer Science and Engineering, Pohang University of Science and Technology (POSTECH), Korea, RepublicSchool of Electronics Engineering, Kyungpook National University, Daegu, Korea, RepublicMany remote user authentication schemes have been designed and developed to establish secure and authorized communication between a user and server over an insecure channel. By employing a secure remote user authentication scheme, a user and server can authenticate each other and utilize advanced services. In 2015, Cao and Ge demonstrated that An’s scheme is also vulnerable to several attacks and does not provide user anonymity. They also proposed an improved multi-factor biometric authentication scheme. However, we review and cryptanalyze Cao and Ge’s scheme and demonstrate that their scheme fails in correctness and providing user anonymity and is vulnerable to ID guessing attack and server masquerading attack. To overcome these drawbacks, we propose a security-improved authentication scheme that provides a dynamic ID mechanism and better security functionalities. Then, we show that our proposed scheme is secure against various attacks and prove the security of the proposed scheme using BAN Logic.https://doi.org/10.1177/1550147717724308 |
| spellingShingle | YoHan Park KiSung Park KyungKeun Lee Hwangjun Song YoungHo Park Security analysis and enhancements of an improved multi-factor biometric authentication scheme International Journal of Distributed Sensor Networks |
| title | Security analysis and enhancements of an improved multi-factor biometric authentication scheme |
| title_full | Security analysis and enhancements of an improved multi-factor biometric authentication scheme |
| title_fullStr | Security analysis and enhancements of an improved multi-factor biometric authentication scheme |
| title_full_unstemmed | Security analysis and enhancements of an improved multi-factor biometric authentication scheme |
| title_short | Security analysis and enhancements of an improved multi-factor biometric authentication scheme |
| title_sort | security analysis and enhancements of an improved multi factor biometric authentication scheme |
| url | https://doi.org/10.1177/1550147717724308 |
| work_keys_str_mv | AT yohanpark securityanalysisandenhancementsofanimprovedmultifactorbiometricauthenticationscheme AT kisungpark securityanalysisandenhancementsofanimprovedmultifactorbiometricauthenticationscheme AT kyungkeunlee securityanalysisandenhancementsofanimprovedmultifactorbiometricauthenticationscheme AT hwangjunsong securityanalysisandenhancementsofanimprovedmultifactorbiometricauthenticationscheme AT younghopark securityanalysisandenhancementsofanimprovedmultifactorbiometricauthenticationscheme |