Return to search

Remote Password Authentication Scheme with Smart Cards and Biometrics

More and more researchers combine biometrics with passwords and smart cards to design remote authentication schemes for the purpose of high-degree security. However, in most of these authentication schemes proposed in the literatures so far, biometric characteristics are verified in the smart cards only, not in the remote servers, during the authentication processes. Although this kind of design can prevent the biometric data of the users from being known to the servers, it will result in that they are not real three-factor authentication schemes and therefore some security flaws may occur since the remote servers do not indeed verify the security factor of biometrics. In this thesis we propose a truly three-factor remote authentication scheme where all of the three security factors, passwords, smart cards, and biometric characteristics, are examined in the remote servers. Especially, the proposed scheme fully preserves the privacy of the biometric data of every user, that is, the scheme does not reveal the biometric data to anyone else, including the remote servers. Furthermore, we also demonstrate that the proposed scheme is immune to both the replay attacks and the offline-dictionary attacks and it achieves the requirement of low-computation cost for smart-card users. Finally, we give a formal analysis based on the GNY logic to prove that our goals are achieved.

Identiferoai:union.ndltd.org:NSYSU/oai:NSYSU:etd-0726106-092914
Date26 July 2006
CreatorsLin, Yi-Hui
ContributorsChun-I Fan, Chun-Hung Richard Lin, Cha-Hwa Lin, D. J. Guan
PublisherNSYSU
Source SetsNSYSU Electronic Thesis and Dissertation Archive
LanguageEnglish
Detected LanguageEnglish
Typetext
Formatapplication/pdf
Sourcehttp://etd.lib.nsysu.edu.tw/ETD-db/ETD-search/view_etd?URN=etd-0726106-092914
Rightswithheld, Copyright information available at source archive

Page generated in 0.0013 seconds