Title :
Improvement of a Fingerprint-Based Remote User Authentication Scheme
Author :
Xu, Jing ; Zhu, Wen-Tao ; Feng, Deng-Guo
Author_Institution :
Grad. Univ., State Key Lab. of Inf. Security, Chinese Acad. of Sci., Beijing
Abstract :
Password authentication has been adopted as one of the most commonly used solutions in network environments to protect resources from unauthorized access. Recently, Khan et al. proposed an efficient fingerprint-based remote user authentication scheme with smart cards, in which a password/verification table is not required on the remote server, and users are allowed to choose and update their passwords freely. In this paper, we show that their scheme is vulnerable to the parallel session attack. Furthermore, their scheme is susceptible to the impersonation attack provided that the information stored in the smart card is disclosed by an adversary. We also propose an improved scheme which is immune to the presented attacks.
Keywords :
authorisation; cryptography; fingerprint identification; smart cards; cryptanalysis; fingerprint-based remote user authentication scheme; parallel session attack; password authentication; smart cards; unauthorized access; Authentication; Fingerprint recognition; Immune system; Information security; Law; Legal factors; Network servers; Protection; Public key cryptography; Smart cards; Network Security; Smart Card; User Authentication;
Conference_Titel :
Information Security and Assurance, 2008. ISA 2008. International Conference on
Conference_Location :
Busan
Print_ISBN :
978-0-7695-3126-7
DOI :
10.1109/ISA.2008.62
