원문정보
초록
영어
To improve the security weaknesses in user authentication system, many biometrics-based user authentication schemes using smart cards have been proposed. Das in 2011, proposed an effective biometric-based remote user authentication scheme using smart cards that can provide strong authentication and mutual authentication, while eliminating the security flaws of Li-Hwang’s scheme. In this paper, we analyze the security of Das’s scheme, and we have shown that Das’s scheme is still insecure against the user impersonation attack, the server masquerading attack, the off-line password guessing attack, the man-in-the-middle attack and the insider attack. In addition, Das’s scheme does not provide mutual authentication between the user and the server.
목차
1. Introduction
2. Reviews of Das’s scheme
2.1. Registration Phas e
2.2. Login Phase
2.3. Authentication Phase
3. Security Weaknesses of Das’s Scheme
3.1. User Impersonation Attack
3.2. Server Masquerading Attack
3.3. Password Guessing Attack
3.4. Man-in-the-Middle Attack
3.5. Insider Attack
3.6. Mutual Authentication
4. Conclusions
References