Professional Documents
Culture Documents
An Efficient Biometrics-Based Remote User Authentication Scheme Using Smart Cards
An Efficient Biometrics-Based Remote User Authentication Scheme Using Smart Cards
Source:
Journal of Network and Computer Applications, Vol. 33, No. 1, pp. 1-5, January 2010 Authors: Chun-Ta Li and Min-Shiang Hwang Reporter: Ya-Chieh Huang Date: 2009/11/05
Introduction
User
Server Identity of user
PW
B h() XS ||
U
ID, B, PW
Computes f h( B ) r h( PW || f ) e h( ID X S ) r
smart card {ID, h(), f , e}
U
Inserts the smart card and inputs B Verifies h ( B ) f Inputs PW Computes r h ( PW || f ) e r ' h( ID X S ) Selects random RU
?
ID, h( ID X S ) RU
6
S Computes A h ( ID X S )
h ( ID X S ) RU A RU Selects random RS
h(h( ID X S ) RU || RU ), h( ID X S ) RS
Verifies h(h( ID X S ) RU || RU ) Computes h( ID X S ) RS h( ID X S ) RS h(h( ID X S ) RS || RS )
Verifies h(h( ID X S ) RS || RS )
7
Change password
U
Inserts the smart card and inputs B Verifies h( B ) f Inputs PW Computes r h( PW || f ) e r ' h( ID X S ) enew h( ID X S ) h( PWnew || f )
8
Comparisons
LeeChiu (2005) Registration phase Login phase 2H + 1E 2H + 1E Khan et al. (2008) 2H 2H Our scheme 3H 2H
Authentication phase
Change password Mutual authentication Synchronized clocks Non-repudiation
2H
Yes No Yes No
5H
Yes Yes Yes Yes
5H
Yes Yes No Yes
9
Conclusions
Non-repudiation
Mutual authentication
Freely change password
10