A Provably Secure Biometrics-Based Authentication Scheme for Multiserver Environment

Wang, Feifei; Xu, Guizhi; Wang, Chenyu; Peng, Junhao

doi:10.1155/2019/2838615

Cited by 25 publications

(23 citation statements)

References 35 publications

(76 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Specifically, the conclusions obtained by the BAN logic are through rigorous logic analysis, which further explains the confidentiality and credibility of the communication information. e notations and rules of the BAN logic used in the BAN logic calculation performed in this study are cited in [24,27,28,30,31,36,50,51]. e proof of our scheme is as follows:…”

Section: Formal Security Analysis By Ban Logicmentioning

confidence: 98%

“…In 2018, Wang et al [26] proposed an evaluation framework for a two-factor authentication scheme for real-time data access in industrial wireless sensor networks and evaluated the relevant schemes. e third is three-factor authentication, which is based on passwords, smart cards, and biometrics [27][28][29][30][31][32][33][34][35][36][37][38][39]. In a public channel, an attacker may eavesdrop, modify, or replay transmitted messages.…”

Section: Introductionmentioning

confidence: 99%

“…Ali and Pal [34] proposed a three-factor multiserver authentication scheme based on an elliptic curve cryptosystem to solve the abovementioned issues. Unfortunately, Wang et al [36] discovered that the scheme presented in [34] was vulnerable to user impersonation, server impersonation, privileged insider, and denial-of-service attacks, among others, and could not provide both forward and three-factor confidentiality. erefore, Wang et al proposed an improved multiserver authentication scheme based on biometrics and claimed that their scheme can overcome offline passwordguessing, user impersonation, server impersonation, known specific session temporary information, three-factor security, user anonymity, and privileged internal attacks.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Improved ECC-Based Three-Factor Multiserver Authentication Scheme

Yang

Lee

Chen

et al. 2021

Security and Communication Networks

View full text Add to dashboard Cite

A multiserver environment can improve the efficiency of mobile network services more effectively than a single server in managing the increase in users. Because of the large number of users, the security of users’ personal information and communication information is more important in a multiserver environment. Recently, Wang et al. proposed a multiserver authentication scheme based on biometrics and proved the security of their scheme. However, we first demonstrate that their scheme is insecure against a known session-specific temporary information attacks, user impersonation attacks, and server impersonation attacks. To solve the security weakness, we propose an improved scheme based on Wang et al.’s scheme. The security of our improved scheme is also validated based on the formal security analysis, Burrows–Abadi–Needham (BAN) logic, ProVerif, and informal security analysis. Security and performance comparisons prove the security and efficiency of our scheme.

show abstract

Section: Formal Security Analysis By Ban Logicmentioning

confidence: 98%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Improved ECC-Based Three-Factor Multiserver Authentication Scheme

Yang

Lee

Chen

et al. 2021

Security and Communication Networks

View full text Add to dashboard Cite

show abstract

“…Feng et al [19] pointed out the scheme devised by Kumari et al is insecure against the server-impersonation Attack and presented an authentication scheme for the MSE environment. Ali et al [20] devised an AKE based on ECC for MSE and thereafter, Wang et al [21] demonstrated that the scheme proposed by Ali et al can not withstand privileged insider attack, user/server impersonation attack, DoS attack, and fails to provide forward-secrecy. Challa et al [22] devised an ECC based AKE scheme, which is unprotected against various security attacks.…”

Section: Related Workmentioning

confidence: 99%

LAKE-IoD: Lightweight Authenticated Key Exchange Protocol for the Internet of Drone Environment

et al. 2020

View full text Add to dashboard Cite

A drone is an unmanned aerial vehicle, which is deployed in a particular Fly Zone (FZ), and used to collect crucial information from its surrounding environment to be transmitted to the server for further processing. Generally, a Mobile User (MU) is required to access the real-time information collected by the drone stationed in a specific FZ securely. Therefore, to ensure secure and reliable communications an Authenticated Key Exchange (AKE) protocol is imperative to the Internet of Drone (IoD) environment. An AKE scheme ensures only authentic MU to access IoD network resources. Upon successful authentication, MU and drone can set up a secret session key for secure communication in the future. This paper presents a novel Lightweight AKE Protocol for IoD Environment (LAKE-IoD), which first ensures the authenticity of MU and also renders session key establishment mechanism between MU and drone with the help of a server. LAKE-IoD is an AKE protocol, which is based on an authenticated encryption scheme AEGIS, hash function, and bit-wise XOR operation. Meticulous formal security verification by employing a software tool known as Scyther and informal security analysis demonstrates that LAKE-IoD is protected against different well-known active and passive security attacks. Additionally, Burrows-Abadi-Needham logic is applied to verify the logical completeness of LAKE-IoD. Furthermore, a comparison of LAKE-IoD with the related schemes shows that LAKE-IoD incurs less communication, computational and storage overhead.

show abstract

“…An authentication protocol is indispensable to prevent unauthorized access and protect the sensitive data and user privacy. From the first smart card-based authentication protocol [7] introduced by Yang and Shieh in 1999, there have been a large number of enhanced schemes proposed [2,[8][9][10][11][12][13]. Based on the authentication factors the user employs, the authentication schemes are divided into two-factor authentication schemes and three-factor authentication schemes.…”

Section: Introductionmentioning

confidence: 99%

A Robust IoT-Based Three-Factor Authentication Scheme for Cloud Computing Resistant to Session Key Exposure

Wang

et al. 2020

Wireless Communications and Mobile Computing

Self Cite

View full text Add to dashboard Cite

With the development of Internet of Things (IoT) technologies, Internet-enabled devices have been widely used in our daily lives. As a new service paradigm, cloud computing aims at solving the resource-constrained problem of Internet-enabled devices. It is playing an increasingly important role in resource sharing. Due to the complexity and openness of wireless networks, the authentication protocol is crucial for secure communication and user privacy protection. In this paper, we discuss the limitations of a recently introduced IoT-based authentication scheme for cloud computing. Furthermore, we present an enhanced three-factor authentication scheme using chaotic maps. The session key is established based on Chebyshev chaotic-based Diffie–Hellman key exchange. In addition, the session key involves a long-term secret. It ensures that our scheme is secure against all the possible session key exposure attacks. Besides, our scheme can effectively update user password locally. Burrows–Abadi–Needham logic proof confirms that our scheme provides mutual authentication and session key agreement. The formal analysis under random oracle model proves the semantic security of our scheme. The informal analysis shows that our scheme is immune to diverse attacks and has desired features such as three-factor secrecy. Finally, the performance comparisons demonstrate that our scheme provides optimal security features with an acceptable computation and communication overheads.

show abstract

A Provably Secure Biometrics-Based Authentication Scheme for Multiserver Environment

Cited by 25 publications

References 35 publications

Improved ECC-Based Three-Factor Multiserver Authentication Scheme

Improved ECC-Based Three-Factor Multiserver Authentication Scheme

LAKE-IoD: Lightweight Authenticated Key Exchange Protocol for the Internet of Drone Environment

A Robust IoT-Based Three-Factor Authentication Scheme for Cloud Computing Resistant to Session Key Exposure

Contact Info

Product

Resources

About