An Enhanced Biometric Based Authentication with Key-Agreement Protocol for Multi-Server Architecture Based on Elliptic Curve Cryptography

Biometric based authentication protocols for multi-server architectures have gained momentum in recent times due to advancements in wireless technologies and associated constraints. Lu et al. recently proposed a robust biometric based authentication with key agreement protocol for a multi-server env...

Descripción completa

Detalles Bibliográficos
Autores principales: Reddy, Alavalapati Goutham, Das, Ashok Kumar, Odelu, Vanga, Yoo, Kee-Young
Formato: Online Artículo Texto
Lenguaje:English
Publicado: Public Library of Science 2016
Materias:
Research Article
Acceso en línea:https://www.ncbi.nlm.nih.gov/pmc/articles/PMC4862638/
https://www.ncbi.nlm.nih.gov/pubmed/27163786
http://dx.doi.org/10.1371/journal.pone.0154308
_version_ 1782431371915952128
author Reddy, Alavalapati Goutham
Das, Ashok Kumar
Odelu, Vanga
Yoo, Kee-Young
author_facet Reddy, Alavalapati Goutham
Das, Ashok Kumar
Odelu, Vanga
Yoo, Kee-Young
author_sort Reddy, Alavalapati Goutham
collection PubMed
description Biometric based authentication protocols for multi-server architectures have gained momentum in recent times due to advancements in wireless technologies and associated constraints. Lu et al. recently proposed a robust biometric based authentication with key agreement protocol for a multi-server environment using smart cards. They claimed that their protocol is efficient and resistant to prominent security attacks. The careful investigation of this paper proves that Lu et al.’s protocol does not provide user anonymity, perfect forward secrecy and is susceptible to server and user impersonation attacks, man-in-middle attacks and clock synchronization problems. In addition, this paper proposes an enhanced biometric based authentication with key-agreement protocol for multi-server architecture based on elliptic curve cryptography using smartcards. We proved that the proposed protocol achieves mutual authentication using Burrows-Abadi-Needham (BAN) logic. The formal security of the proposed protocol is verified using the AVISPA (Automated Validation of Internet Security Protocols and Applications) tool to show that our protocol can withstand active and passive attacks. The formal and informal security analyses and performance analysis demonstrates that the proposed protocol is robust and efficient compared to Lu et al.’s protocol and existing similar protocols.
format Online
Article
Text
id pubmed-4862638
institution National Center for Biotechnology Information
language English
publishDate 2016
publisher Public Library of Science
record_format MEDLINE/PubMed
spelling pubmed-48626382016-05-18 An Enhanced Biometric Based Authentication with Key-Agreement Protocol for Multi-Server Architecture Based on Elliptic Curve Cryptography Reddy, Alavalapati Goutham Das, Ashok Kumar Odelu, Vanga Yoo, Kee-Young PLoS One Research Article Biometric based authentication protocols for multi-server architectures have gained momentum in recent times due to advancements in wireless technologies and associated constraints. Lu et al. recently proposed a robust biometric based authentication with key agreement protocol for a multi-server environment using smart cards. They claimed that their protocol is efficient and resistant to prominent security attacks. The careful investigation of this paper proves that Lu et al.’s protocol does not provide user anonymity, perfect forward secrecy and is susceptible to server and user impersonation attacks, man-in-middle attacks and clock synchronization problems. In addition, this paper proposes an enhanced biometric based authentication with key-agreement protocol for multi-server architecture based on elliptic curve cryptography using smartcards. We proved that the proposed protocol achieves mutual authentication using Burrows-Abadi-Needham (BAN) logic. The formal security of the proposed protocol is verified using the AVISPA (Automated Validation of Internet Security Protocols and Applications) tool to show that our protocol can withstand active and passive attacks. The formal and informal security analyses and performance analysis demonstrates that the proposed protocol is robust and efficient compared to Lu et al.’s protocol and existing similar protocols. Public Library of Science 2016-05-10 /pmc/articles/PMC4862638/ /pubmed/27163786 http://dx.doi.org/10.1371/journal.pone.0154308 Text en © 2016 Reddy et al http://creativecommons.org/licenses/by/4.0/ This is an open access article distributed under the terms of the Creative Commons Attribution License (http://creativecommons.org/licenses/by/4.0/) , which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.
spellingShingle Research Article
Reddy, Alavalapati Goutham
Das, Ashok Kumar
Odelu, Vanga
Yoo, Kee-Young
An Enhanced Biometric Based Authentication with Key-Agreement Protocol for Multi-Server Architecture Based on Elliptic Curve Cryptography
title An Enhanced Biometric Based Authentication with Key-Agreement Protocol for Multi-Server Architecture Based on Elliptic Curve Cryptography
title_full An Enhanced Biometric Based Authentication with Key-Agreement Protocol for Multi-Server Architecture Based on Elliptic Curve Cryptography
title_fullStr An Enhanced Biometric Based Authentication with Key-Agreement Protocol for Multi-Server Architecture Based on Elliptic Curve Cryptography
title_full_unstemmed An Enhanced Biometric Based Authentication with Key-Agreement Protocol for Multi-Server Architecture Based on Elliptic Curve Cryptography
title_short An Enhanced Biometric Based Authentication with Key-Agreement Protocol for Multi-Server Architecture Based on Elliptic Curve Cryptography
title_sort enhanced biometric based authentication with key-agreement protocol for multi-server architecture based on elliptic curve cryptography
topic Research Article
url https://www.ncbi.nlm.nih.gov/pmc/articles/PMC4862638/
https://www.ncbi.nlm.nih.gov/pubmed/27163786
http://dx.doi.org/10.1371/journal.pone.0154308
work_keys_str_mv AT reddyalavalapatigoutham anenhancedbiometricbasedauthenticationwithkeyagreementprotocolformultiserverarchitecturebasedonellipticcurvecryptography
AT dasashokkumar anenhancedbiometricbasedauthenticationwithkeyagreementprotocolformultiserverarchitecturebasedonellipticcurvecryptography
AT odeluvanga anenhancedbiometricbasedauthenticationwithkeyagreementprotocolformultiserverarchitecturebasedonellipticcurvecryptography
AT yookeeyoung anenhancedbiometricbasedauthenticationwithkeyagreementprotocolformultiserverarchitecturebasedonellipticcurvecryptography
AT reddyalavalapatigoutham enhancedbiometricbasedauthenticationwithkeyagreementprotocolformultiserverarchitecturebasedonellipticcurvecryptography
AT dasashokkumar enhancedbiometricbasedauthenticationwithkeyagreementprotocolformultiserverarchitecturebasedonellipticcurvecryptography
AT odeluvanga enhancedbiometricbasedauthenticationwithkeyagreementprotocolformultiserverarchitecturebasedonellipticcurvecryptography
AT yookeeyoung enhancedbiometricbasedauthenticationwithkeyagreementprotocolformultiserverarchitecturebasedonellipticcurvecryptography

Ejemplares similares