An Enhanced Biometric-Based Three Factors User Authentication Scheme for Multi-server Environments

Lin, Youping; Wan, Kaihui; Zhang, Baocan; Liu, Yuzhen; Li, Xiong

doi:10.14257/ijsia.2016.10.1.29

Cited by 6 publications

(2 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In this section, we review the biometric-based three factors user authentication scheme for multi-server environments by Lin et al [14] in 2016. As previous researches, Lin et al demonstrated the security weaknesses of Baruah et al's scheme [13], and proposed an enhanced biometric-based three factor user authentication scheme for multi-server environments using smart card.…”

Section: Review Of Lin Et Al's Schemementioning

confidence: 99%

See 1 more Smart Citation

Security Improvement on Biometric-based Three Factors User Authentication Scheme for Multi-Server Environments

Moon¹,

Won²

2016

The Transactions of The Korean Institute of Electrical Engineer

View full text Add to dashboard Cite

-In the multi-server environment, remote user authentication has a very critical issue because it provides the authorization that enables users to access their resource or services. For this reason, numerous remote user authentication schemes have been proposed over recent years. Recently, Lin et al. have shown that the weaknesses of Baruah et al.'s three factors user authentication scheme for multi-server environment, and proposed an enhanced biometric-based remote user authentication scheme. They claimed that their scheme has many security features and can resist various well-known attacks; however, we found that Lin et al.'s scheme is still insecure. In this paper, we demonstrate that Lin et al.'s scheme is vulnerable against the outsider attack and user impersonation attack, and propose a new biometric-based scheme for authentication and key agreement that can be used in the multi-server environment. Lastly, we show that the proposed scheme is more secure and can support the security properties.

show abstract

Section: Review Of Lin Et Al's Schemementioning

confidence: 99%

“…Recently, Lin et al [14] found that Baruah et al's scheme cannot resist the stolen smart card attack, and proposed an enhanced user authentication scheme. In order to overcome these weaknesses, they used the fuzzy extractor technology [15].…”

Section: Introductionmentioning

confidence: 99%