Robust extended chaotic maps-based three-factor authentication scheme preserving biometric template privacy

Due to its high level of security, three-factor authentication combining password, smart card and biometrics has received much interest in the past decades. Recently, Islam proposed a dynamic identity-based three-factor authentication scheme using extended chaotic map which attempts to fulfill three-factor security and resist various known attacks, offering many advantages over existing works. However, in this paper we first show that the process of password verification in the login phase is invalid. Besides this defect, it is also vulnerable to user impersonation attack and off-line password guessing attack, under the condition that the smart card is lost or stolen. Furthermore, it fails to preserve biometric template privacy in the case that the password and the smart card are compromised. To remedy these flaws, we propose a robust three-factor authentication scheme, which not only resists various known attacks, but also provides more desired security features. We demonstrate that our scheme provides mutual authentication using the Burrows–Abadi–Needham logic. Our scheme provides high security strength as well as low computational cost.