A robust anonymous biometric-based authenticated key agreement scheme for multi-server environments.

Hua Guo; Pei Wang; Xiyong Zhang; Yuanfei Huang; Fangchao Ma

doi:10.1371/journal.pone.0187403

PLoS ONE (Jan 2017)

A robust anonymous biometric-based authenticated key agreement scheme for multi-server environments.

Hua Guo,
Pei Wang,
Xiyong Zhang,
Yuanfei Huang,
Fangchao Ma

Affiliations

Hua Guo
Pei Wang
Xiyong Zhang
Yuanfei Huang
Fangchao Ma

DOI: https://doi.org/10.1371/journal.pone.0187403
Journal volume & issue: Vol. 12, no. 11
p. e0187403

Abstract

Read online

In order to improve the security in remote authentication systems, numerous biometric-based authentication schemes using smart cards have been proposed. Recently, Moon et al. presented an authentication scheme to remedy the flaws of Lu et al.'s scheme, and claimed that their improved protocol supports the required security properties. Unfortunately, we found that Moon et al.'s scheme still has weaknesses. In this paper, we show that Moon et al.'s scheme is vulnerable to insider attack, server spoofing attack, user impersonation attack and guessing attack. Furthermore, we propose a robust anonymous multi-server authentication scheme using public key encryption to remove the aforementioned problems. From the subsequent formal and informal security analysis, we demonstrate that our proposed scheme provides strong mutual authentication and satisfies the desirable security requirements. The functional and performance analysis shows that the improved scheme has the best secure functionality and is computational efficient.

Published in PLoS ONE

ISSN: 1932-6203 (Online)
Publisher: Public Library of Science (PLoS)
Country of publisher: United States
LCC subjects: Medicine; Science
Website: https://journals.plos.org/plosone/

About the journal