|Table of Contents|

Research of multiple factor remote authentication protocolbased on biometric information(PDF)


Research Field:
Publishing date:


Research of multiple factor remote authentication protocolbased on biometric information
Yue JingDeng Lihong
Department of Electrical Engineering,Xi’an Aeronautical University,Xi’an 710077,China
remote identity authentication biometric information elliptic curve cryptography smart card ban logic
To improve the security of remote identity authentication in multiple server environment,a multiple-factor authentication protocol including biometric information,elliptic curve cryptography and smart card is proposed. The protocol consists of six stages:setting stage,server registration stage,user registration phase,login stage,verification phase and password change stage. In the registration stage,the application of the fuzzy validator is adopted to convert the biometric template for random string,so as to avoid the effect of noise of biometric templates. On the login stage,elliptic curve cryptography(ECC)multiplication is used,which significantly reduces the cost of the bilinear pairing computation. BAN logic proves that the protocol can achieve secure session key agreement and two-way authentication. The protocol security analysis shows that the proposed protocol can resist many common security attacks,and the overall computation cost of registration and login phase is low.


[1] 帅青红,苗苗. 网上支付与电子银行[M]. 北京:机械工业出版社,2015.
[2]Xia Zhihua,Wang Xinhui,Sun Xingming,et al. A secure and dynamic multi-keyword ranked search scheme over encrypted cloud data[J]. IEEE Transactions on Parallel & Distributed Systems,2016,27(2):340-352.
[3]王晓菊,田立勤,赵竞雄. 基于物联网的用户行为认证机制与分析[J]. 南京理工大学学报,2015,39(1):70-77.
Wang Xiaoju,Tian Liqin,Zhao Jingxiong. User behavioral authentication mechanism and analysis based on IOT[J]. Journal of Nanjing University of Science and Technology,2015,39(1):70-77.
[4]Amin R,Islam S H,Biswas G P,et al. Cryptanalysis and enhancement of anonymity preserving remote user mutual authentication and session key agreement scheme for E-health care systems[J]. Journal of Medical Systems,2015,39(11):1-21.
[5]汪定. 基于智能卡的远程用户口令认证协议研究[D]. 哈尔滨:哈尔滨工程大学计算机科学与技术学院,2013.
[6]Pippal R S,Jaidhar C D,Tapaswi S. Robust smart card authentication scheme for multi-server architecture[J]. Wireless Personal Communications,2013,72(1):729-745.
[7]Wang Ding,Wang Ping. Understanding security failures of two-factor authentication schemes for real-time applications in hierarchical wireless sensor networks[J]. Ad Hoc Networks,2014,20(2):1-15.
[8]Lee Chengchi,Lou Derchyuan,Li Chunta,et al. An extended chaotic-maps-based protocol with key agreement for multiserver environments[J]. Nonlinear Dynamics,2013,76(1):853-866.
[9]龙丽萍,陈伟建,杨拥军,等. 基于双因子认证技术的RFID认证协议的设计[J]. 计算机工程与设计,2013,34(11):3726-3730.
Long Liping,Chen Weijian,Yang Yongjun,et al. Double factors based authentication protocol for RFID[J]. Computer Engineering and Design,2013,34(11):3726-3730.

[10]龙威. 基于生物特征的匿名身份认证研究[D]. 北京:北京交通大学交通运输学院,2015.
[11]Amin R,Biswas G P. Design and analysis of bilinear pairing based mutual authentication and key agreement protocol usable in multi-server environment[J]. Wireless Personal Communications,2015,84(1):439-462.
[12]Odelu V,Das A K,Goswami A. A secure biometrics-based multi-server authentication protocol using smart cards[J]. IEEE Transactions on Information Forensics & Security,2015,10(9):1953-1966.
[13]屈娟,邹黎敏,谭晓玲. 基于动态ID的远程认证方案的分析和改进[J]. 计算机工程与应用,2014,50(22):126-129.
Qu Juan,Zou Limin,Tan Xiaoling. Analysis and improvements of dynamic identity-based remote user authentic-cation scheme[J]. Computer Engineering and Applications,2014,50(22):126-129.
[14]张宁,臧亚丽,田捷. 生物特征与密码技术的融合——一种新的安全身份认证方案[J]. 密码学报,2015,2(2):159-176.
Zhang Ning,Zang Yali,Tian Jie. The integration of biometrics and cryptography-A new solution for secure identity authentication[J]. Journal of Cryptologic Research,2015,2(2):159-176.
[15]Chiou Shinyan,Ying Zhaoqin,Liu Junqiang. Improvement of a privacy authentication scheme based on cloud for medical environment[J]. Journal of Medical Systems,2016,40(4):101-115.
[16]王正才,许道云,王晓峰,等. BAN逻辑的可靠性分析与改进[J]. 计算机工程,2012,38(17):110-115.
Wang Zhengcai,Xu Daoyun,Wang Xiaofeng,et al. Reliability analysis and improvement of BAN Logic[J]. Computer Engineering,2012,38(17):110-115.


Last Update: 2019-02-28