security analysis and enhancements of an effective biometric-based remote user authentication scheme using smart cards安全分析和改进有效的biometric-based使用智能卡远程用户身份验证方案.pdfVIP

Hindawi Publishing Corporation Journal of Biomedicine and Biotechnology Volume 2012, Article ID 519723, 6 pages doi:10.1155/2012/519723 Research Article Security Analysis and Enhancements of an Effective Biometric-Based Remote User Authentication Scheme Using Smart Cards Younghwa An Division of Computer and Media Information Engineering, Kangnam University, 111, Gugal-dong, Giheung-gu, Yongin-si, Gyounggi-do, 446-702, Republic of Korea Correspondence should be addressed to Younghwa An, yhan@kangnam.ac.kr Received 25 May 2012; Accepted 7 June 2012 Academic Editor: Sabah Mohammed Copyright © 2012 Younghwa An. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited. Recently, many biometrics-based user authentication schemes using smart cards have been proposed to improve the security weaknesses in user authentication system. In 2011, Das proposed an efficient biometric-based remote user authentication scheme using smart cards that can provide strong authentication and mutual authentication. In this paper, we analyze the security of Das’s authentication scheme, and we have shown that Das’s authentication scheme is still insecure against the various attacks. Also, we proposed the enhanced scheme to remove these security problems of Das’s authentication scheme, even if the secret information stored in the smart card is revealed to an attacker. As a result of security analysis, we can see that the enhanced scheme is secure against the user impersonation attack, the server masquerading attack, the password guessing attack, and the insider attack and provides mutual authentication between the user and the server. 1. Introduct