Abstract
Recently, biometric-based remote user authentication schemes along with passwords have drawn considerable attention in research. In 2011, Das proposed an improvement on an efficient biometric-based remote user authentication scheme using smart cards and claimed his scheme could resist various attacks. However, there are some weaknesses in Das’s scheme such as the privileged insider attack and the off-line password guessing attack. Besides, Das’s scheme also cannot provide user anonymity. To overcome these weaknesses, we shall propose a secure biometric-based remote user authentication with key agreement scheme using extended chaotic maps. The proposed scheme not only can resist the above-mentioned attacks, but also provide user anonymity.
Similar content being viewed by others
References
Bergamo, P., D’Arco, P., De Santis, A., Kocarev, L.: Security of public-key cryptosystems based on Chebyshev polynomials. IEEE Trans. Circuits Syst. I, Fundam. Theory Appl. 52(7), 1382–1393 (2005)
Das, A.K.: Analysis and improvement on an efficient biometric-based remote user authentication scheme using smart cards. IET Inf. Secur. 5(3), 145–151 (2011)
Fan, L., Li, J.H., Zhu, H.W.: An enhancement of timestamp-based password authentication scheme. Comput. Secur. 21(7), 665–667 (2002)
Han, S., Chang, E.: Chaotic map based key agreement with/out clock synchronization. Chaos Solitons Fractals 39(3), 1283–1289 (2009)
He, D., Chen, Y., Chen, J.: Cryptanalysis and improvement of an extended chaotic maps-based key agreement protocol. Nonlinear Dyn. 69(3), 1149–1157 (2012)
He, H., Wu, S., Chen, J.: Note on design of improved password authentication and update scheme based on elliptic curve cryptography. Math. Comput. Model. 55(3–4), 1661–1664 (2012)
Hwang, M.S., Liu, C.Y.: Authenticated encryption schemes: current status and key issues. Int. J. Netw. Secur. 1(2), 61–73 (2005)
Jain, A.K., Ross, A., Prabhakar, S.: An introduction to biometric recognition. IEEE Trans. Circuits Syst. Video Technol. 14(1), 4–20 (2004)
Khan, M.K., Zhang, J., Wang, X.: Chaotic hash-based fingerprint biometric remote user authentication scheme on mobile devices. Chaos Solitons Fractals 35(3), 519–524 (2008)
Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Lecture Notes in Computer Science, vol. 1666, pp. 388–397. Springer, Berlin (1999)
Lamport, L.: Password authentication with insecure communication. Commun. ACM 24(11), 770–772 (1981)
Lee, C.C.: On security of an efficient nonce-based authentication scheme for SIP. Int. J. Netw. Secur. 9(3), 201–203 (2009)
Lee, C.C., Chang, Y.F.: On security of a practical three-party key exchange protocol with round efficiency. Inf. Technol. Control 37(4), 333–335 (2008)
Lee, N.Y., Chiu, Y.C.: Improved remote authentication scheme with smart card. Comput. Stand. Interfaces 27(2), 177–180 (2005)
Lee, C.C., Huang, K.Y., Huang, S.Y.: On-line password guessing attack on Lu-Cao key agreement protocol for secure authentication. J. Discrete Math. Sci. Cryptogr. 12(5), 595–598 (2009)
Lee, C.C., Lin, T.H., Chang, R.X.: A secure dynamic ID based remote user authentication scheme for multi-server environment using smart cards. Expert Syst. Appl. 38(11), 13863–13870 (2011)
Lee, C.C., Chen, C.L., Wu, C.Y., Huang, S.Y.: An extended chaotic maps-based key agreement protocol with user anonymity. Nonlinear Dyn. 69(1–2), 79–87 (2012)
Li, C.T., Hwang, M.S.: An efficient biometric-based remote authentication scheme using smart cards. J. Netw. Comput. Appl. 33(1), 1–5 (2010)
Li, C.T., Hwang, M.S.: An online biometrics-based secret sharing scheme for multiparty cryptosystem using smart cards. Int. J. Innov. Comput. Inf. Control 6(5), 2181–2188 (2010)
Lin, C.H., Lai, Y.Y.: A flexible biometric remote user authentication scheme. Comput. Stand. Interfaces 27(1), 19–23 (2004)
Maltoni, D., Maio, D., Jain, A.K., Prabhakar, S.: Handbook of Fingerprint Recognition, 2nd edn. Springer, New York (2009)
Mason, J.C., Handscomb, D.C.: Chebyshev Polynomials. Chapman & Hall/CRC Press, London, Boca Raton (2003)
Messerges, T., Dabbish, E., Sloan, R.: Examining smart-card security under the threat of power analysis attacks. IEEE Trans. Comput. 51(5), 541–552 (2002)
Prabhakar, S., Pankanti, S., Jain, A.K.: Biometric recognition: security and privacy concerns. IEEE Secur. Priv. 1(2), 33–42 (2003)
Shen, J.J., Lin, C.W., Hwang, M.S.: Security enhancement for the timestamp-based password authentication using smart cards. Comput. Secur. 22(7), 591–595 (2003)
Shen, J.J., Lin, C.W., Hwang, M.S.: A modified remote user authentication scheme using smart cards. IEEE Trans. Consum. Electron. 49(2), 414–416 (2003)
Sheu, L.J.: A speech encryption using fractional chaotic systems. Nonlinear Dyn. 65(1–2), 103–108 (2011)
Sun, H.M., Chen, Y.H., Lin, Y.H.: OPass: a user authentication protocol resistant to password stealing and password reuse attacks. IEEE Trans. Inf. Forensics Secur. 7(2), 651–663 (2012)
Tsai, C.S., Lee, C.C., Hwang, M.S.: Password authentication schemes: current status and key issues. Int. J. Netw. Secur. 3(2), 101–115 (2006)
Tseng, H.R., Jan, R.H., Yang, W.: A chaotic maps-based key agreement protocol that preserves user anonymity. In: IEEE International Conference on Communications, ICC’09, Dresden, pp. 1–6 (2009)
Wang, Y., Wong, K.W., Liao, X., Xiang, T.: A block cipher with dynamic S-boxes based on tent map. Commun. Nonlinear Sci. Numer. Simul. 14(7), 3089–3099 (2009)
Wang, X.Y., Yang, L., Liu, R., Kadir, A.: A chaotic image encryption algorithm based on perceptron model. Nonlinear Dyn. 62(3), 615–621 (2010)
Wang, X., Wang, X., Zhao, J., Zhang, Z.: Chaotic encryption algorithm based on alternant of stream cipher and block cipher. Nonlinear Dyn. 63(4), 587–597 (2011)
Xiao, D., Liao, X., Deng, S.: One-way hash function construction based on the chaotic map with changeable-parameter. Chaos Solitons Fractals 24(1), 65–71 (2005)
Xiao, D., Shih, F., Liao, X.: A chaos-based hash function with both modification detection and localization capabilities. Commun. Nonlinear Sci. Numer. Simul. 15(9), 2254–2261 (2010)
Zhang, L.: Cryptanalysis of the public key encryption based on multiple chaotic systems. Chaos Solitons Fractals 37(3), 669–674 (2008)
Acknowledgements
This research was partially supported by the National Science Council, Taiwan, R.O.C., under contract No.: NSC 101-2221-E-030-018.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Lee, CC., Hsu, CW. A secure biometric-based remote user authentication with key agreement scheme using extended chaotic maps. Nonlinear Dyn 71, 201–211 (2013). https://doi.org/10.1007/s11071-012-0652-3
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11071-012-0652-3