A Privacy-Preserving RLWE-Based Remote Biometric Authentication Scheme for Single and Multi-Server Environments

Lwamo et al. recently proposed a robust and efficient remote biometric authentication scheme for single and multi-server environments using smart cards and RSA. The scheme is vulnerable to smart-card-loss attacks; consequently, it cannot resist offline guessing attacks or user impersonation attacks, and it cannot provide forward security or user anonymity. To address these issues, we propose a new privacy-preserving ring learning with errors (RLWE)-based remote biometric authentication scheme (RRBAS) for single and multi-server environments. RRBAS is the first lattice-based remote biometric authentication scheme for multi-server environments. Security analysis shows that RRBAS satisfies authenticated key exchange (AKE) security in the random oracle model, resists known security attacks, and provides post-quantum security. The experimental evaluation and comparative analysis show that RRBAS is more computationally efficient than the scheme of Lwamo et al., while its communication efficiency is slightly lower than that of traditional schemes because of the large ciphertexts of lattice-based cryptosystems; it is nevertheless fully capable of session key agreement in single and multi-server environments.
