A Secure Biometrics and PUFs-Based Authentication Scheme With Key Agreement For Multi-Server Environments

The emergence of multi-server authentication key protocol schemes provides a viable environment for users to easily access the services of multiple legitimate servers through a single registration. Biometric identification technology has the characteristics of forgery difficulty, duplication difficu...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:IEEE access 2020, Vol.8, p.45292-45303
Hauptverfasser: Zhao, Jun, Bian, Weixin, Xu, Deqin, Jie, Biao, Ding, Xintao, Zhou, Wen, Zhang, Hui
Format: Artikel
Sprache:eng
Schlagworte:
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The emergence of multi-server authentication key protocol schemes provides a viable environment for users to easily access the services of multiple legitimate servers through a single registration. Biometric identification technology has the characteristics of forgery difficulty, duplication difficulty and guess difficulty, etc. Therefore, it is an indispensable authentication technology in smart card-based user authentication protocol. There are many shortcomings in the existing schemes based on biometrics, including leakages of biometrics information, smart card theft attack, lack of user anonymity, user impersonation attack, server impersonation, and so on. To overcome these shortcomings, we propose a new user authentication and key agreement scheme in the multi-server environment. To some extent, we not only are able to guarantee the communication security between the user and the servers, but also ensure the physical security of the smart card and biometrics information. In this respect, we use lightweight cryptographic primitives, such as Physically Unclonable Functions (PUFs), Fuzzy extractor and One-way hash functions, and so on. The proposed scheme can effectively protect user's anonymity without the use of password and provide mutual authentication and key agreement in the multi-server environment. Subsequently, we used informal analysis, Burrows-Abadi-Needham Logic (BAN-Logic) proof, and a widely accepted Real-Or-Random model to prove the security and robustness of proposed scheme. Finally, our authentication protocol can protect the security of communication.
ISSN:2169-3536
2169-3536
DOI:10.1109/ACCESS.2020.2975615