Remarks on fingerprint-based remote user authentication scheme using smart cards

Authors:
Chin-Chen Chang;Iuon-Chang Lin
Affiliations:
National Chung Cheng University, Chaiyi, Taiwan, R.O.C.;National Kaohsiung University of Applied Sciences, Kaohsiung, Taiwan, R.O.C.
Venue:
ACM SIGOPS Operating Systems Review
Year:
2004

Citing 3
Cited 4

Research: Remote login authentication scheme based on a geometric approach

Computer Communications
Research: Remote scheme for password authentication based on theory of quadratic residues

Computer Communications
A new remote user authentication scheme using smart cards

IEEE Transactions on Consumer Electronics

Provably secure remote truly three-factor authentication scheme with privacy protection on biometrics

IEEE Transactions on Information Forensics and Security - Special issue on electronic voting
Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart cards

Journal of Network and Computer Applications
Secure fingerprint-based remote user authentication scheme using smartcards

WINE'05 Proceedings of the First international conference on Internet and Network Economics
An anonymous multi-server authenticated key agreement scheme based on trust computing using smart cards and biometrics

Expert Systems with Applications: An International Journal

Quantified Score

Hi-index	0.00

Visualization

Abstract

In 2002, Lee, Ryu, and Yoo proposed a fingerprint-based remote user authentication scheme using smart cards. The scheme makes it possible for authenticating the legitimacy of each login user without any password table. In addition, the authors claimed that the scheme can withstand message replay attack and impersonation. In this paper, we shall point out a security flaw in this scheme, that is, n legitimate users can conspire to forge 2n-n-1 valid IDs and PWs for successfully passing the system authentication. Furthermore, we also show that the authentication equation is incorrect. Thus, the scheme is unworkable.