Title :
Security weaknesses of an improved biometrics-based user authentication scheme without concurrency system
Author_Institution :
Comput. Media Inf. Eng., Kangnam Univ., Yongin, South Korea
Abstract :
Recently, many biometrics-based user authentication schemes using smart cards have been proposed to improve the security weaknesses in user authentication system. In 2010, Chang et al. proposed an improved biometrics-based user authentication scheme without concurrency system which can withstand the forgery attack, the off-line password guessing attack, the replay attack, etc. In this paper, we analyze the security weaknesses of Chang et al.´s scheme, and we will show that Chang et al.´s scheme is still vulnerable to the user impersonation attack, the server masquerading attack and the biometric guessing attack, and does not provide the mutual authentication between the user and the remote server.
Keywords :
biometrics (access control); security of data; smart cards; biometric guessing attack; biometrics-based user authentication scheme; forgery attack; offline password guessing attack; replay attack; security weakness; server masquerading attack; smart cards; user impersonation attack; Biometrics; Computers; Cryptography; Nickel; Servers; Authentication; Biometrics; Mutual Authentication; Server Masquerading Attack; User Impersonation Attack;
Conference_Titel :
Advanced Communication Technology (ICACT), 2012 14th International Conference on
Conference_Location :
PyeongChang
Print_ISBN :
978-1-4673-0150-3
