Journal ArticleDOI
A Secure Biometrics-Based Multi-Server Authentication Protocol Using Smart Cards
Reads0
Chats0
TLDR
This paper first analyzes He-Wang's scheme, then proposes a new secure multi-server authentication protocol using biometric-based smart card and ECC with more security functionalities and shows that the proposed scheme provides secure authentication.Abstract:
Recently, in 2014, He and Wang proposed a robust and efficient multi-server authentication scheme using biometrics-based smart card and elliptic curve cryptography (ECC). In this paper, we first analyze He–Wang’s scheme and show that their scheme is vulnerable to a known session-specific temporary information attack and impersonation attack. In addition, we show that their scheme does not provide strong user’s anonymity. Furthermore, He–Wang’s scheme cannot provide the user revocation facility when the smart card is lost/stolen or user’s authentication parameter is revealed. Apart from these, He–Wang’s scheme has some design flaws, such as wrong password login and its consequences, and wrong password update during password change phase. We then propose a new secure multi-server authentication protocol using biometric-based smart card and ECC with more security functionalities. Using the Burrows–Abadi–Needham logic, we show that our scheme provides secure authentication. In addition, we simulate our scheme for the formal security verification using the widely accepted and used automated validation of Internet security protocols and applications tool, and show that our scheme is secure against passive and active attacks. Our scheme provides high security along with low communication cost, computational cost, and variety of security features. As a result, our scheme is very suitable for battery-limited mobile devices as compared with He–Wang’s scheme.read more
Citations
More filters
Journal ArticleDOI
Barriers and Facilitators That Influence Telemedicine-Based, Real-Time, Online Consultation at Patients’ Homes: Systematic Literature Review
TL;DR: HOHC via video conferencing was effective in delivering online treatment and was well-accepted by patients, as it simulated in-person, face-to-face consultation.
Journal ArticleDOI
Two Birds with One Stone: Two-Factor Authentication with Security Beyond Conventional Bound
Ding Wang,Ping Wang +1 more
TL;DR: In this paper, a security model that can accurately capture the practical capabilities of an adversary is defined and a broad set of twelve properties framed as a systematic methodology for comparative evaluation, allowing schemes to be rated across a common spectrum.
Journal ArticleDOI
Design of Secure User Authenticated Key Management Protocol for Generic IoT Networks
TL;DR: The design of a new secure lightweight three-factor remote user authentication scheme for HIoTNs, called the user authenticated key management protocol (UAKMP), which is comparable in computation and communication costs as compared to other existing schemes.
Journal ArticleDOI
Provably Secure Authenticated Key Agreement Scheme for Smart Grid
TL;DR: This paper analyzes the security of a recent relevant work in smart grid and proposes a new efficient provably secure authenticated key agreement scheme for smart grid that achieves the well-known security functionalities including smart meter credentials’ privacy and SK-security under the CK-adversary model.
Journal ArticleDOI
Secure Remote User Authenticated Key Establishment Protocol for Smart Home Environment
TL;DR: A new secure remote user authentication scheme for a smart home environment that is efficient for resource-constrained smart devices with limited resources as it uses only one-way hash functions, bitwise XOR operations and symmetric encryptions/decryptions.
References
More filters
Book ChapterDOI
Differential Power Analysis
TL;DR: In this paper, the authors examine specific methods for analyzing power consumption measurements to find secret keys from tamper resistant devices. And they also discuss approaches for building cryptosystems that can operate securely in existing hardware that leaks information.
Journal ArticleDOI
On the security of public key protocols
Danny Dolev,Andrew Chi-Chih Yao +1 more
TL;DR: Several models are formulated in which the security of protocols can be discussed precisely, and algorithms and characterizations that can be used to determine protocol security in these models are given.
Journal ArticleDOI
An introduction to biometric recognition
TL;DR: A brief overview of the field of biometrics is given and some of its advantages, disadvantages, strengths, limitations, and related privacy concerns are summarized.
Book
Cryptography and Network Security: Principles and Practice
TL;DR: The new edition of William Stallings' Cryptography and Network Security: Principles and Practice, 5e is a practical survey of cryptography and network security with unmatched support for instructors and students.
Journal ArticleDOI
Password authentication with insecure communication
TL;DR: A method of user password authentication is described which is secure even if an intruder can read the system's data, and can tamper with or eavesdrop on the communication between the user and the system.