Password authentication with insecure communication
Communications of the ACM
ID-based password authentication scheme using smart cards and fingerprints
ACM SIGOPS Operating Systems Review
Cryptanalysis of an ID-based password authentication scheme using smart cards and fingerprints
ACM SIGOPS Operating Systems Review
Enhancing security and privacy in biometrics-based authentication systems
IBM Systems Journal - End-to-end security
Remarks on fingerprint-based remote user authentication scheme using smart cards
ACM SIGOPS Operating Systems Review
Improving the security of 'a flexible biometrics remote user authentication scheme'
Computer Standards & Interfaces
A new mutual authentication scheme based on nonce and smart cards
Computer Communications
EURASIP Journal on Advances in Signal Processing
A secure dynamic ID based remote user authentication scheme for multi-server environment
Computer Standards & Interfaces
An efficient biometrics-based remote user authentication scheme using smart cards
Journal of Network and Computer Applications
IEEE Transactions on Information Forensics and Security - Special issue on electronic voting
New shielding functions to enhance privacy and prevent misuse of biometric templates
AVBPA'03 Proceedings of the 4th international conference on Audio- and video-based biometric person authentication
A public key cryptosystem and a signature scheme based on discrete logarithms
IEEE Transactions on Information Theory
A new remote user authentication scheme using smart cards
IEEE Transactions on Consumer Electronics
An efficient remote use authentication scheme using smart cards
IEEE Transactions on Consumer Electronics
Cryptanalysis of a remote user authentication scheme using smart cards
IEEE Transactions on Consumer Electronics
Journal of Network and Computer Applications
Security analysis of a multi-factor authenticated key exchange protocol
ACNS'12 Proceedings of the 10th international conference on Applied Cryptography and Network Security
An enhanced biometrics-based remote user authentication scheme using mobile devices
International Journal of Computational Intelligence Studies
Journal of Medical Systems
An improved dynamic ID-based remote user authentication with key agreement scheme
Journal of Electrical and Computer Engineering
Journal of Intelligent Manufacturing
Enhanced Dynamic Authentication Scheme (EDAS)
Information Systems Frontiers
| Hi-index | 0.00 |
Recently, Li and Hwang proposed a biometrics-based remote user authentication scheme using smart cards [Journal of Network and Computer Applications 33 (2010) 1-5]. The scheme is based on biometrics verification, smart card and one-way hash function, and it uses the nonce rather than a synchronized clock, so it is very efficient in computational cost. Unfortunately, the scheme has some security weaknesses, that is to say Li and Hwang's scheme does not provide proper authentication and it cannot resist the man-in-the-middle attacks. If an attacker controls the insecure channel, she/he can easily fabricate messages to pass the user's or server's authentication. Besides, the malicious attacker can impersonate the user to cheat the server and can impersonate the server to cheat the user without knowing any secret information. This paper proposes an improved biometrics-based remote user authentication scheme that removes the aforementioned weaknesses and supports session key agreement.