Robust extended chaotic maps-based three-factor authentication scheme preserving biometric template privacy

被引:0
作者
Qi Jiang
Fushan Wei
Shuai Fu
Jianfeng Ma
Guangsong Li
Abdulhameed Alelaiwi
机构
[1] Xidian University,School of Cyber Engineering
[2] State Key Laboratory of Mathematical Engineering and Advanced Computing,Department of Software Engineering, College of Computer and Information Sciences
[3] King Saud University,undefined
来源
Nonlinear Dynamics | 2016年 / 83卷
关键词
Authentication; Key agreement; Chaotic map; Password; Smart card; Biometrics; Anonymity; Privacy;
D O I
暂无
中图分类号
学科分类号
摘要
Due to its high level of security, three-factor authentication combining password, smart card and biometrics has received much interest in the past decades. Recently, Islam proposed a dynamic identity-based three-factor authentication scheme using extended chaotic map which attempts to fulfill three-factor security and resist various known attacks, offering many advantages over existing works. However, in this paper we first show that the process of password verification in the login phase is invalid. Besides this defect, it is also vulnerable to user impersonation attack and off-line password guessing attack, under the condition that the smart card is lost or stolen. Furthermore, it fails to preserve biometric template privacy in the case that the password and the smart card are compromised. To remedy these flaws, we propose a robust three-factor authentication scheme, which not only resists various known attacks, but also provides more desired security features. We demonstrate that our scheme provides mutual authentication using the Burrows–Abadi–Needham logic. Our scheme provides high security strength as well as low computational cost.
引用
收藏
页码:2085 / 2101
页数:16
相关论文
共 148 条
[1]  
Xia Z(2015)A secure and dynamic multi-keyword ranked search scheme over encrypted cloud data IEEE Trans. Parallel Distrib. Syst. E98–B 190-200
[2]  
Wang X(2015)Achieving efficient cloud search services: multi-keyword ranked search over encrypted cloud data supporting parallel computing IEICE Trans. Commun. 16 317-323
[3]  
Sun X(2015)Mutual verifiable provable data auditing in public cloud storage J. Internet Technol. 15 929-936
[4]  
Wang Q(2014)A variable threshold-value authentication architecture for wireless mesh networks J. Internet Technol. 78 247-269
[5]  
Fu Z(2014)A secure and effective anonymous authentication scheme for roaming service in global mobility networks Wirel. Pers. Commun. 12 428-442
[6]  
Sun X(2015)Anonymous two-factor authentication in distributed systems: certain goals are beyond attainment IEEE Trans. Depend. Secure Comput. 321 162-178
[7]  
Liu Q(2015)Preserving privacy for free: efficient and provably secure two-factor authentication scheme with user anonymity Inf. Sci. 91 2021-2040
[8]  
Zhou L(2003)Comparing passwords, tokens, and biometrics for user authentication Proc. IEEE 9 2302-2313
[9]  
Shu J(2014)An efficient and improved generic framework for three-factor authentication with provably secure instantiation IEEE Trans. Inf. Forensics Secur. 22 1390-1397
[10]  
Ren Y(2011)A generic framework for three-factor authentication: preserving security and privacy in distributed systems IEEE Trans. Parallel Distrib. Syst. 27 19-23
12345678910