Remote Password Authentication Scheme with Smart Cards and Biometrics

碩士 === 國立中山大學 === 資訊工程學系研究所 === 94 === More and more researchers combine biometrics with passwords and smart cards to design remote authentication schemes for the purpose of high-degree security. However, in most of these authentication schemes proposed in the literatures so far, biometric characte...

Full description

Bibliographic Details
Main Authors: Yi-Hui Lin, 林宜慧
Other Authors: Chun-I Fan
Format: Others
Language:en_US
Published: 2006
Online Access:http://ndltd.ncl.edu.tw/handle/70966376327722362755
Description
Summary:碩士 === 國立中山大學 === 資訊工程學系研究所 === 94 === More and more researchers combine biometrics with passwords and smart cards to design remote authentication schemes for the purpose of high-degree security. However, in most of these authentication schemes proposed in the literatures so far, biometric characteristics are verified in the smart cards only, not in the remote servers, during the authentication processes. Although this kind of design can prevent the biometric data of the users from being known to the servers, it will result in that they are not real three-factor authentication schemes and therefore some security flaws may occur since the remote servers do not indeed verify the security factor of biometrics. In this thesis we propose a truly three-factor remote authentication scheme where all of the three security factors, passwords, smart cards, and biometric characteristics, are examined in the remote servers. Especially, the proposed scheme fully preserves the privacy of the biometric data of every user, that is, the scheme does not reveal the biometric data to anyone else, including the remote servers. Furthermore, we also demonstrate that the proposed scheme is immune to both the replay attacks and the offline-dictionary attacks and it achieves the requirement of low-computation cost for smart-card users. Finally, we give a formal analysis based on the GNY logic to prove that our goals are achieved.