Open AccessApplying biometrics to design three‐factor remote user authentication scheme with key agreement
Author(s) -
Li Xiong,
Niu Jianwei,
Wang Zhibo,
Chen Caisen
Publication year - 2014
Publication title -
security and communication networks
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.446
H-Index - 43
eISSN - 1939-0122
pISSN - 1939-0114
DOI - 10.1002/sec.767
Subject(s) - computer science , biometrics , multi factor authentication , scheme (mathematics) , mutual authentication , computer security , authentication (law) , key (lock) , smart card , authentication protocol , session key , factor (programming language) , encryption , mathematical analysis , mathematics , programming language
ABSTRACT There are some biometrics‐based three‐factor remote user authentication schemes proposed by researchers for ensure high security features for network‐based application systems. Recently, Das pointed out the security flaws of Li and Hwang's three‐factor remote user authentication scheme, and proposed an enhanced biometrics‐based three‐factor remote user authentication scheme. Das's scheme overcomes the defects of Li and Hwang's scheme, and maintains the advantages of Li and Hwang's scheme at the same time. However, after detailed analysis, we find that Das's scheme remains vulnerable to forgery attack and stolen smart card attack; at the same time, Das's scheme cannot provide the session key agreement after the mutual authentication. To provide more security features, we design a three‐factor remote user authentication scheme with key agreement using biometrics. Copyright © 2013 John Wiley & Sons, Ltd.