Research On Biometrics Based Remote User Authentication Scheme

By analyzing previous authentication schemes, we have found that there are many disadvantages of protecting user privacy and security attacks in password and smart card based remote authentication schemes. However, biometrics has its unique safety advantage, it can play special effect in designing schemes. Thus, our main purpose is to design more secure and efficient remote authentication schemes based on the knowledge of cryptography and biological features.In this paper, we studied three kinds of remote authentication schemes. The first kind of scheme is to analyze biometrics based remote authentication schemes for multi-server architecture. The second kind of scheme is to analyze biometrics based authentication schemes for telecare medicine information system(TMIS). Scheme of latter category is to analyze some other remote authentication schemes. Specific analysis as follows:Class 1: We analyzed biometrics based remote authentication scheme for multi-server architecture proposed by Chuang and Chen. We found that this scheme cannot withstand user impersonation attack, server spoofing attack, and so an. Based on these defects, we used Elliptic Curve Cryptosystem to design a new authentication scheme. We utilized biometrics to encrypt information in proposed scheme. It is difficult for attacker to guess valid information to impersonate as a legal user. Because each server has its own private key, this makes it difficult for an attacker to forge the private key of the other server to disguise as a legitimate server. By analyzing the security of the proposed scheme, we demonstrated that the proposed scheme is secure against kinds of attacks and achieves user anonymity.Class 2:(1) By analyzing the scheme for telecare medicine information system proposed by Lu et al., we pointed out that their scheme cannot resist user impersonation attack, privilege insider attack, and so on. To remedy these shortcomings, we used Elliptic Curve Cryptosystem to propose a new scheme. Because identity and password are protected by biometrics, the proposed scheme can resist user impersonation attack and server spoofing attack. Owing to biometrics are used in registration phase, the scheme can also withstand privilege insider attack. Security analysis shows that the proposed scheme satisfies security requirements. Moreover, we utilized BAN logic to demonstrate that the proposed scheme achieves mutual authentication.(2) Based on the analysis of Amin and Biswas' s biometrics based scheme for telecare medicine information system, we pointed out that their scheme is vulnerable to user impersonation attack, off-line password guessing attack, and so on. To resolve these flaws, we designed a new scheme. There is not complex computing in new scheme. Compared with Amin and Biswas' s scheme, the new scheme has less hash computing. Thus, the proposed scheme is more efficient than Amin and Biswas' s scheme.Class 3: We have analyzed some other remote authentication schemes except biometrics based schemes. By comparison, these schemes are more vulnerable to some attacks. We utilized hash function, timestamp, random number, Elliptic Curve Cryptosystem and Diffie-Hellman key exchange protocol to design new schemes. The timestamp and random number can prevent replay attack, and the one-way hash function can protect the security of information better. The security proofs for the proposed schemes show that our proposed schemes meet the security requirements.