An efficient and practical fingerprint-based remote user authentication scheme with smart cards

Authors:
Muhammad Khurram Khan;Jiashu Zhang
Affiliations:
Research Group for Biometrics and Security, Sichuan Province Key Laboratory of Signal and Information Processing, Southwest Jiaotong University, Chengdu, Sichuan, P.R. China;Research Group for Biometrics and Security, Sichuan Province Key Laboratory of Signal and Information Processing, Southwest Jiaotong University, Chengdu, Sichuan, P.R. China
Venue:
ISPEC'06 Proceedings of the Second international conference on Information Security Practice and Experience
Year:
2006

Citing 15
Cited 2

Why cryptosystems fail

CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
On-Line Fingerprint Verification

IEEE Transactions on Pattern Analysis and Machine Intelligence
Authenticating public terminals

Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on computer network security
Password authentication with insecure communication

Communications of the ACM
A flexible remote user authentication scheme using smart cards
Smart Card Handbook

Smart Card Handbook
Hiding Biometric Data

IEEE Transactions on Pattern Analysis and Machine Intelligence
Some Forgery Attacks on a Remote User Authentication Scheme Using Smart Cards

Informatica
Efficient remote user authentication scheme using smart card

Computer Networks: The International Journal of Computer and Telecommunications Networking
A new remote user authentication scheme using smart cards

IEEE Transactions on Consumer Electronics
An efficient remote use authentication scheme using smart cards

IEEE Transactions on Consumer Electronics
A modified remote user authentication scheme using smart cards

IEEE Transactions on Consumer Electronics
Cryptanalysis of a modified remote user authentication scheme using smart cards

IEEE Transactions on Consumer Electronics
Efficient remote user authentication scheme based on generalized ElGamal signature scheme

IEEE Transactions on Consumer Electronics
New remote user authentication scheme using smart cards

IEEE Transactions on Consumer Electronics

An enhanced biometrics-based remote user authentication scheme using mobile devices

International Journal of Computational Intelligence Studies
An anonymous multi-server authenticated key agreement scheme based on trust computing using smart cards and biometrics

Expert Systems with Applications: An International Journal

Quantified Score

Hi-index	0.00

Visualization

Abstract

Recently, Lee et al. proposed a fingerprint-based remote user authentication scheme using smart cards. We demonstrate that their scheme is vulnerable and susceptible to the attack and has some practical pitfalls. Their scheme performs only unilateral authentication (only client authentication) and there is no mutual authentication between user and remote system, so their scheme suscepts from the server spoofing attack. Furthermore, in their scheme, remote system generates and assigns the passwords, and users cannot choose and change their passwords. Moreover, passwords are long pseudorandom numbers and difficult to remember for a user. To solve these problems, we propose an efficient and practical fingerprint-based remote user authentication scheme using smart cards, which is based on one-way collision free hash functions. Proposed scheme not only overcomes all the drawbacks and problems of Lee et al.'s scheme, but also provides a secure and user-friendly fingerprint-based remote user authentication over insecure network. In addition, computational costs and efficiency of the proposed scheme are better than Lee et al.'s scheme.