Login New user?  
01-Applied Mathematics & Information Sciences
An International Journal
               
 
 
 
 
 
 
 
 
 
 
 
 
 

Content
 

Volumes > Volume 09 > No. 3

 
   

A biometric-based Password Authentication with key Exchange Scheme using Mobile Device for Multi-Server Environment

PP: 1123-1137
Author(s)
Xuelei Li, Qiaoyan Wen, Wenmin Li, Hua Zhang, Zhengping Jin,
Abstract
Remote authentication for multi-server environment can help users register only once and access arbitrary services conveniently in the same registry realm. However, most of the solutions are plagued by security problems. In this paper, we point out that ‘a novel smart card and dynamic ID based remote user authentication scheme for multi-server environment’ is vulnerable to user impersonation attack, server masquerade attack and cannot achieve forward secrecy. Therefore, by introducing biometrics as the third authentication factor, we devise an enhanced three-factor based remote authentication with key agreement scheme for multiserver environment. In our designation, we combine the technologies of Client Puzzle, Fuzzy Extractor, message authentication code (MAC) and Diffie-Hellman key exchange. Moreover, our proposal not only maintains the advantages of the original, but also preserves user privacy with optional access mode. Meanwhile, it can be also reduced to two-factor based scheme with less security properties for specific applications. Finally, the proposed scheme is proved to work correctly through BAN-Logic, and the security analysis and performance cost are discussed to show that our proposal is more secure, robust and practical.

  Home   About us   News   Journals   Conferences Contact us Copyright naturalspublishing.com. All Rights Reserved