A secure biometric-based remote user authentication with key agreement scheme using extended chaotic maps

Recently, biometric-based remote user authentication schemes along with passwords have drawn considerable attention in research. In 2011, Das proposed an improvement on an efficient biometric-based remote user authentication scheme using smart cards and claimed his scheme could resist various attacks. However, there are some weaknesses in Das’s scheme such as the privileged insider attack and the off-line password guessing attack. Besides, Das’s scheme also cannot provide user anonymity. To overcome these weaknesses, we shall propose a secure biometric-based remote user authentication with key agreement scheme using extended chaotic maps. The proposed scheme not only can resist the above-mentioned attacks, but also provide user anonymity.

[1]  Cheng-Chi Lee,et al.  On-line password guessing attack on Lu-Cao key agreement protocol for secure authentication , 2009 .

[2]  Ashok Kumar Das,et al.  Analysis and improvement on an efficient biometric-based remote user authentication scheme using smart cards , 2011, IET Inf. Secur..

[3]  Chu-Hsing Lin,et al.  A flexible biometrics remote user authentication scheme , 2004, Comput. Stand. Interfaces.

[4]  Cheng-Chi Lee,et al.  Password Authentication Schemes: Current Status and Key Issues , 2006, Int. J. Netw. Secur..

[5]  Sharath Pankanti,et al.  Biometric Recognition: Security and Privacy Concerns , 2003, IEEE Secur. Priv..

[6]  Debiao He,et al.  Cryptanalysis and improvement of an extended chaotic maps-based key agreement protocol , 2012, Nonlinear Dynamics.

[7]  Cheng-Chi Lee On Security of An Efficient Nonce-based Authentication Scheme for SIP , 2009, Int. J. Netw. Secur..

[8]  Arun Ross,et al.  An introduction to biometric recognition , 2004, IEEE Transactions on Circuits and Systems for Video Technology.

[9]  Wuu Yang,et al.  A Chaotic Maps-Based Key Agreement Protocol that Preserves User Anonymity , 2009, 2009 IEEE International Conference on Communications.

[10]  Chun-Ta Li,et al.  An efficient biometrics-based remote user authentication scheme using smart cards , 2010, J. Netw. Comput. Appl..

[11]  Xing-yuan Wang,et al.  A chaotic image encryption algorithm based on perceptron model , 2010 .

[12]  X. Liao,et al.  One-way Hash function construction based on the chaotic map with changeable-parameter , 2005 .

[13]  Hung-Min Sun,et al.  oPass: A User Authentication Protocol Resistant to Password Stealing and Password Reuse Attacks , 2012, IEEE Transactions on Information Forensics and Security.

[14]  Anil K. Jain,et al.  Handbook of Fingerprint Recognition , 2005, Springer Professional Computing.

[15]  Long-Jye Sheu,et al.  A speech encryption using fractional chaotic systems , 2011 .

[16]  Paul C. Kocher,et al.  Differential Power Analysis , 1999, CRYPTO.

[17]  Min-Shiang Hwang,et al.  Authenticated Encryption Schemes: Current Status and Key Issues , 2005, Int. J. Netw. Secur..

[18]  Xiaofeng Liao,et al.  A chaos-based hash function with both modification detection and localization capabilities , 2010 .

[19]  Linhua Zhang Cryptanalysis of the public key encryption based on multiple chaotic systems , 2008 .

[20]  Xiaomin Wang,et al.  Chaotic hash-based fingerprint biometric remote user authentication scheme on mobile devices , 2008 .

[21]  Cheng-Chi Lee,et al.  A secure dynamic ID based remote user authentication scheme for multi-server environment using smart cards , 2011, Expert Syst. Appl..

[22]  Song Han,et al.  Chaotic map based key agreement with/out clock synchronization , 2009 .

[23]  Yu-Chung Chiu,et al.  Improved remote authentication scheme with smart card , 2005, Comput. Stand. Interfaces.

[24]  Cheng-Chi Lee,et al.  An extended chaotic maps-based key agreement protocol with user anonymity , 2011, Nonlinear Dynamics.

[25]  Min-Shiang Hwang,et al.  A modified remote user authentication scheme using smart cards , 2003, IEEE Trans. Consumer Electron..

[26]  X. Liao,et al.  A block cipher with dynamic S-boxes based on tent map , 2009 .

[27]  Min-Shiang Hwang,et al.  Security enhancement for the timestamp-based password authentication scheme using smart cards , 2003, Comput. Secur..

[28]  Lei Fan,et al.  An enhancement of timestamp-based password authentication scheme , 2002, Comput. Secur..

[29]  Leslie Lamport,et al.  Password authentication with insecure communication , 1981, CACM.

[30]  T. J. Rivlin The Chebyshev polynomials , 1974 .

[31]  Alfredo De Santis,et al.  Security of public-key cryptosystems based on Chebyshev polynomials , 2004, IEEE Transactions on Circuits and Systems I: Regular Papers.

[32]  Zhenfeng Zhang,et al.  Chaotic encryption algorithm based on alternant of stream cipher and block cipher , 2011 .

[33]  Jianhua Chen,et al.  Note on 'Design of improved password authentication and update scheme based on elliptic curve cryptography' , 2012, Math. Comput. Model..

[34]  Robert H. Sloan,et al.  Examining Smart-Card Security under the Threat of Power Analysis Attacks , 2002, IEEE Trans. Computers.