본문 바로가기
  • Home

Security Analysis and Improvements of a Biometrics-based User Authentication Scheme Using Smart Cards

  • Journal of The Korea Society of Computer and Information
  • Abbr : JKSCI
  • 2012, 17(2), pp.159-166
  • Publisher : The Korean Society Of Computer And Information
  • Research Area : Engineering > Computer Science

Younghwa An 1

1강남대학교

Accredited

ABSTRACT

Many biometrics-based user authentication schemes using smart cards have been proposed to improve the security weaknesses in user authentication system. In 2010, Chang et al. proposed an improved biometrics-based user authentication scheme without concurrency system which can withstand forgery attack, off-line password guessing attack, replay attack, etc. In this paper, we analyze the security weaknesses of Chang et al.’s scheme and we have shown that Chang et al.’s scheme is still insecure against man-in-the-middle attack, off-line biometrics guessing attack, and does not provide mutual authentication between the user and the server. And we proposed the improved scheme to overcome these security weaknesses, even if the secret information stored in the smart card is revealed. As a result, the proposed scheme is secure for the user authentication attack, the server masquerading attack, the man-in-the-middle attack, and the off-line biometrics guessing attack, does provide the mutual authentication between the user and the remote server. And, in terms of computational complexities, the proposed scheme is more effective than Chang et al.’s scheme.

Citation status

* References for papers published after 2022 are currently being built.