Abstract
Modern networking needs fast and secure-authentication to perform in an optimal state. Researchers have used smartcards and biometrics to provide security over a wide range of applications in recent decades. However, the current protocols are computationally intensive and have higher latency. Hence, this article proposes a biometric-based authentication scheme (SBAS) that requires less computational resources to provide adequate security. The SBAS uses only hash functions instead of the non-homogenous combination of functions to reduce the computational cost compared to the existing schemes. Moreover, the proposed protocol includes password protection to increase the efficiency of security. Protecting against security threats is one of the essential requirements of the security protocol. Hence, the proposed system is studied in-depth and found to satisfy desirable security features. The SBAS is impervious to online and offline password guessing attacks, insider attacks, and SC loss attacks. The low computational footprint of the protocol makes it suitable for low-power devices.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Burrows, M., Abadi, M., Needham, R.M.: A logic of authentication. In: Proceedings of the Royal Society of London A: Mathematical, Physical and Engineering Sciences. vol. 426, pp. 233–271. The Royal Society (1989)
Chang, C.C., Wu, T.C.: Remote password authentication with smart cards. IEE Proc. E-Comput. Digital Techniques 138(3), 165–168 (1991)
Chen, B.L., Kuo, W.C., Wuu, L.C.: Robust smart-card-based remote user password authentication scheme. Int. J. Commun Syst 27(2), 377–389 (2014)
Chen, L., Zhang, K.: Privacy-aware smart card based biometric authentication scheme for e-health. Peer-to-Peer Network. Appl. 14(3), 1353–1365 (2021)
Dodis, Y., Reyzin, L., Smith, A.: Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 523–540. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-24676-3_31
Dolev, D., Yao, A.: On the security of public key protocols. IEEE Trans. Inf. Theor. 29(2), 198–208 (1983)
Fan, L., Li, J.H., Zhu, H.W.: An enhancement of timestamp-based password authentication scheme. Comput. Secur. 21(7), 665–667 (2002)
Hwang, M.S., Li, L.H.: A new remote user authentication scheme using smart cards. IEEE Trans. Consum. Electron. 46(1), 28–30 (2000). https://doi.org/10.1109/30.826377
Jiang, Q., Ma, J., Li, G., Li, X.: Improvement of robust smart-card-based password authentication scheme. Int. J. Commun. Syst. 28(2), 383–393 (2015)
Kocher, Paul, Jaffe, Joshua, Jun, Benjamin: Differential power analysis. In: Wiener, Michael (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48405-1_25
Lamport, L.: Password authentication with insecure communication. Commun. ACM 24(11), 770–772 (1981)
Lin, C.W., Tsai, C.S., Hwang, M.S.: A new strong-password authentication scheme using one-way hash functions. J. Comput. Syst. Sci. Int. 45(4), 623–626 (2006)
Mishra, D., Das, A.K., Chaturvedi, A., Mukhopadhyay, S.: A secure password-based authentication and key agreement scheme using smart cards. J. Inform. Secur. Appl. 23, 28–43 (2015)
Odelu, V., Das, A.K., Goswami, A.: An effective and robust secure remote user authenticated key agreement scheme using smart cards in wireless communication systems. Wireless Pers. Commun. 84(4), 2571–2598 (2015)
Ramasamy, R., Muniyandi, A.P.: An efficient password authentication scheme for smart card. IJ Netw. Secur. 14(3), 180–186 (2012)
Song, R.: Advanced smart card based password authentication protocol. Comput. Stand. Interfaces 32(5), 321–325 (2010)
Sood, S.K., Sarje, A.K., Singh, K.: An improvement of wang et al’.s authentication scheme using smart cards. In: Communications (NCC), 2010 National Conference, pp. 1–5. IEEE (2010)
Xu, J., Zhu, W.T., Feng, D.G.: An improved smart card based password authentication scheme with provable security. Comput. Standards Interfaces 31(4), 723–728 (2009)
Yang, T., Zhai, F., Xu, H., Li, W.: Design of a secure and efficient authentication protocol for real-time accesses of multiple users in piot-oriented multi-gateway wsns. Energy Reports 8, pp. 1200–1211 (2022). https://doi.org/10.1016/j.egyr.2022.02.061,www.sciencedirect.com/science/article/pii/S2352484722003080, 2021 International Conference on New Energy and Power Engineering
Yang, W.H., Shieh, S.P.: Password authentication schemes with smart cards. Comput. Secur. 18(8), 727–733 (1999)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Sahoo, S.S., Mohanty, S., Das, D. (2023). A Secure Privacy Preserving Authentication Schema for Remote Server Using Biometric. In: Hong, W., Weng, Y. (eds) Computer Science and Education. ICCSE 2022. Communications in Computer and Information Science, vol 1811. Springer, Singapore. https://doi.org/10.1007/978-981-99-2443-1_29
Download citation
DOI: https://doi.org/10.1007/978-981-99-2443-1_29
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-99-2442-4
Online ISBN: 978-981-99-2443-1
eBook Packages: Computer ScienceComputer Science (R0)