Abstract
We present a remote authentication scheme that uses biometrics and smart card for its working. The security of our scheme relies on onewayness and collision-resistance of hash functions. We use error control codes to remove noise from biometric readings taken at different times. We provide a detailed security analysis and show that the proposed scheme is able to withstand many commonly known attacks against remote authentication schemes. In addition, the scheme does not store biometric templates on the server and provides mutual authentication between the user and the server.
This work has been supported by a graduate fellowship from the Higher Education Commission of Pakistan.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Chen, T., Lee, W.-B., Horng, G.: Secure SAS-like password authentication schemes. Computer Standards & Interfaces 27(1), 25–31 (2004)
Chien, H., Jan, J., Tseng, Y.: An efficient and practical solution to remote authentication: Smart card. Computers and Security 21(4), 372–375 (2002)
Daugman, J.: High confidence visual recognition of persons by a test of statistical independence. IEEE Transactions on Pattern Analysis and Machine Intelligence 15(11), 1148–1161 (1993)
Daugman, J.: The importance of being random: statistical principles of iris recognition. Pattern Recognition 36(2), 279–291 (2003)
Hao, F., Anderson, R., Daugman, J.: Combining crypto with biometrics effectively. IEEE Transactions on Computers 55(9), 1081–1088 (2006)
Hwang, M., Li, L.: A new remote user authentication scheme using smart cards. IEEE Transactions on Consumer Electronics 46(1), 28–30 (2000)
Hwang, M.S., Lee, C.C., Tang, Y.L.: A simple remote user authentication scheme. Mathematical and Computer Modelling 36(1), 103–107 (2002)
Juels, A., Wattenberg, M.: A fuzzy commitment scheme. In: ACM CCS 1999: 6th Conference on Computer and Communications Security, pp. 28–36 (1999)
Khan, M.K., Zhang, J.: Improving the security of ‘a flexible biometrics remote user authentication scheme’. Computer Standards & Interfaces 29(1), 82–85 (2007)
Ku, W.C., Chang, S.T., Chiang, M.H.: Further cryptanalysis of fingerprint-based remote user authentication scheme using smartcards. Electronics Letters 41(5), 240–241 (2005)
Lee, J.K., Ryu, S.R., Yoo, K.Y.: Fingerprint-based remote user authentication scheme using smart cards. Electronics Letters 38(12), 554–555 (2002)
Lee, S.W., Kim, H.S., Yoo, K.Y.: Improved efficient remote user authentication scheme using smart cards. IEEE Transactions on Communications 50(2), 565–567 (2004)
Lin, C.-H., Lai, Y.-Y.: A flexible biometrics remote user authentication scheme. Computer Standards & Interfaces 27(1), 19–23 (2004)
Lin, S., Costello, D.J.: Error Control Coding: Fundamentals and Applications. Prentice-Hall, Englewood Cliffs (1983)
Monro, D.M., Rakshit, S., Zhang, D.: DCT-based iris recognition. IEEE Trans. Pattern Anal. Mach. Intell. 29(4), 586–595 (2007)
Shen, J.J., Lin, C.W., Hwang, M.S.: Security enhancement for the timestamp-based password authentication scheme using smart cards. Computers & Security 22(7), 591–595 (2003)
Sun, H.: An efficient remote use authentication scheme using smart cards. IEEE Transactions on Consumer Electronics 46(4), 958–961 (2000)
Wildes, R., Asmuth, J.C., Green, G.L., Hsu, S.C., Kolczynski, R.J., Matey, J.R., McBride, S.E.: A machine-vision system for iris recognition. Machine Vision and Applications 9(1), 1–8 (1996)
Yang, S., Verbauwhede, I.: Secure iris verification. In: IEEE International Conference on Acoustics, Speech and Signal Processing, ICASSP, pp. II–133–II–136 (2007)
Yang, W.H., Shieh, S.P.: Password authentication schemes with smart cards. Computers & Security 18(8), 727–733 (1999)
Yoon, E.J., Ryu, E.K., Yoo, K.Y.: An improvement of Hwang-Lee-Tang’s simple remote user authentication schemes. Computers & Security 24(1), 50–56 (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Ziauddin, S. (2009). A Two-Factor Mutual Authentication Scheme Using Biometrics and Smart Card. In: Ślęzak, D., Kim, Th., Fang, WC., Arnett, K.P. (eds) Security Technology. SecTech 2009. Communications in Computer and Information Science, vol 58. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-10847-1_26
Download citation
DOI: https://doi.org/10.1007/978-3-642-10847-1_26
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-10846-4
Online ISBN: 978-3-642-10847-1
eBook Packages: Computer ScienceComputer Science (R0)