Robust elliptic curve cryptography-based three factor user authentication providing privacy of biometric data

Robust elliptic curve cryptography-based three factor user authentication providing privacy of biometric data

Recently, to achieve privacy protection using biometrics, Fan and Lin proposed a three-factor authentication scheme based on password, smart card and biometrics. However, the authors have found that Fan and Lin's proposed scheme (i) has flaws in the design of biometrics privacy, (ii) fails to m...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:IET information security 2013-09, Vol.7 (3), p.247-252
Hauptverfasser: Yeh, Hsiu-Lien, Chen, Tien-Ho, Hu, Kuei-Jung, Shih, Wei-Kuan
Format: Artikel
Sprache:eng
Schlagworte:
Algebra
Applied sciences
Authentication
authorisation
biometric data privacy
Biometrics
biometrics (access control)
biometrics privacy design
biometrics‐based three‐factor authentication scheme
Computer science
control theory
systems
Computer systems and distributed systems. User interface
Cryptography
data privacy
Defects
Exact sciences and technology
Fan‐Lin proposed scheme
Field theory and polynomials
Information, signal and communications theory
Mathematics
Memory and file management (including protection and security)
Memory organisation. Data processing
modification attack
password‐based three‐factor authentication scheme
Privacy
public key cryptography
robust elliptic curve cryptography‐based three factor user authentication
Sciences and techniques of general use
Security
security requirements
Signal and communications theory
Smart cards
smart card‐based three‐factor authentication scheme
Software
stolen‐verifier attack
Tables (data)
Telecommunications and information theory
verification table
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Recently, to achieve privacy protection using biometrics, Fan and Lin proposed a three-factor authentication scheme based on password, smart card and biometrics. However, the authors have found that Fan and Lin's proposed scheme (i) has flaws in the design of biometrics privacy, (ii) fails to maintain a verification table, making it vulnerable to stolen-verifier attack and modification attack, and (iii) is vulnerable to insider attacks. Thus, the authors propose an elliptic curve cryptography-based authentication scheme that is improved with regard to security requirements. The authors’ proposed scheme overcomes the flaws of Fan and Lin's scheme and is secured from attacks. Furthermore, the authors have presented a security analysis of their scheme to show that their scheme is suitable for the biometric systems.
ISSN:1751-8709
1751-8717
1751-8717
DOI:10.1049/iet-ifs.2011.0348