Applied cryptography (2nd ed.): protocols, algorithms, and source code in C
Applied cryptography (2nd ed.): protocols, algorithms, and source code in C
An attack on the Needham-Schroeder public-key authentication protocol
Information Processing Letters
Explicit Communication Revisited: Two New Attacks on Authentication Protocols
IEEE Transactions on Software Engineering
Cryptography: Theory and Practice,Second Edition
Cryptography: Theory and Practice,Second Edition
Special Uses and Sbuses of the Fiat-Shamir Passport Protocol
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
Practical Cryptography
Security analysis of smartcard to card reader communications for biometric cardholder authentication
CARDIS'02 Proceedings of the 5th conference on Smart Card Research and Advanced Application Conference - Volume 5
| Hi-index | 0.00 |
We consider the security of the Rila-Mitchell security protocols recently proposed for biometrics-based smartcard systems. We first present a man-in-the-middle (MITM) attack on one of these protocols and hence show that it fails to achieve mutual authentication between the smartcard and smartcard reader. In particular, a hostile smartcard can trick the reader into believing that it is a legitimate card and vice versa. We also discuss security cautions that if not handled carefully would lead to attacks. We further suggest countermeasures to strengthen the protocols against our attacks, as well as to guard against the cautions highlighted. Our emphasis here is that seemingly secure protocols when implemented with poor choices of parameters would lead to attacks.