A Novel Multi-factor Authenticated Key Exchange Scheme With Privacy Preserving

In this paper, a new multi-factor authenticated key exchange scheme, which combines with biometrics, password and the smart card, is proposed. Compared with the previous schemes, this scheme has higher security in remote authentication and preserves privacy of biometrics , and most of the previous schemes rely on the smart card to verify biometrics. The advantage of these approaches is that the user’s biometrics is not shared with the remote server, which can resist insider’s attack and preserve the privacy of the biometrics. The disadvantage is that the remote server must trust the smart card to perform authentication, which leads to various vulnerabilities. To achieve multifactor authentication, a new function called one-way function with distance-keeping, which is used to preserve privacy of user’s biometrics, is introduced. This scheme has advantages as multi-factor authentication, privacy preserving and lower communication complexity etc. It is proven secure under the random oracle and is suitable to the environment which lacked communication resource and needed higher security.

[1]  Martin Wattenberg,et al.  A fuzzy commitment scheme , 1999, CCS '99.

[2]  Dengguo Feng,et al.  An improved smart card based password authentication scheme with provable security , 2009, Comput. Stand. Interfaces.

[3]  Mihir Bellare,et al.  Authenticated Key Exchange Secure against Dictionary Attacks , 2000, EUROCRYPT.

[4]  Julien Bringer,et al.  Identification with Encrypted Biometric Data Made Feasible , 2009, ArXiv.

[5]  Chun-Ta Li,et al.  An efficient biometrics-based remote user authentication scheme using smart cards , 2010, J. Netw. Comput. Appl..

[6]  Mihir Bellare,et al.  Entity Authentication and Key Distribution , 1993, CRYPTO.

[7]  Ted Taekyoung Kwon,et al.  An Improved Fingerprint-Based Remote User Authentication Scheme Using Smart Cards , 2006, ICCSA.

[8]  Chun-I Fan,et al.  Provably Secure Remote Truly Three-Factor Authentication Scheme With Privacy Protection on Biometrics , 2009, IEEE Transactions on Information Forensics and Security.

[9]  Eun-Jun Yoon,et al.  Secure Fingerprint-Based Remote User Authentication Scheme Using Smartcards , 2005, WINE.

[10]  Eun-Jun Yoon,et al.  A New Efficient Fingerprint-Based Remote User Authentication Scheme for Multimedia Systems , 2005, KES.

[11]  Chu-Hsing Lin,et al.  A flexible biometrics remote user authentication scheme , 2004, Comput. Stand. Interfaces.

[12]  Elisa Bertino,et al.  Privacy preserving multi-factor authentication with biometrics , 2006, DIM '06.

[13]  Kee-Young Yoo,et al.  ID-based password authentication scheme using smart cards and fingerprints , 2003, OPSR.

[14]  J. K. Lee,et al.  Fingerprint-based remote user authentication scheme using smart cards , 2002 .

[15]  David Pointcheval,et al.  Multi-factor Authenticated Key Exchange , 2008, ACNS.