CRYPTANALYSIS AND FURTHER IMPROVEMENT OF A BIOMETRIC-BASED REMOTE USER AUTHENTICATION SCHEME USING SMART CARDS

CRYPTANALYSIS AND FURTHER IMPROVEMENT OF A BIOMETRIC-BASED REMOTE USER AUTHENTICATION SCHEME USING SMART CARDS

Ashok Kumar Das

Center for Security, Theory and Algorithmic Research International Institute of Information Technology, Hyderabad 500 032, India

ABSTRACT

Recently, Li et al. proposed a secure biometric-based remote user authentication scheme using smart cards to withstand the security flaws of Li-Hwang’s efficient biometric-based remote user authentication scheme using smart cards. Li et al.’s scheme is based on biometrics verification, smart card and one-way hash function, and it also uses the random nonce rather than a synchronized clock, and thus it is efficient in computational cost and more secure than Li-Hwang’s scheme. Unfortunately, in this paper we show that Li et al.’s scheme still has some security weaknesses in their design. In order to withstand those weaknesses in their scheme, we further propose an improvement of their scheme so that the improved scheme always provides proper authentication and as a result, it establishes a session key between the user and the server at the end of successful user authentication.

KEYWORDS

Remote user authentication, Biometrics, Cryptanalysis, Smart cards, Security.

Original source Link : http://airccse.org/journal/nsa/0311nsa02.pdf

http://airccse.org/journal/jnsa11_current.html