Research on a Biometrics-based Multi-cloud Server Authentication Scheme

doi:10.3969/j.issn.1671-1122.2019.06.006

Abstract

Abstract:

The progress of wireless communication technology has promoted the development of mobile services. The traditional single server has been unable to accept the multi-user large-scale access. In order to solve this problem, a lot of cloud server authentication scheme are proposed. Based on passwords and smart cards authentication schemes are less security in multi-cloud server environment. Due to biometric technology is closely related to the physical characteristics of the individual, so it has been become the first choice to enhance security. Recently, KUMARI put forward an authentication scheme based on biometric technology in cloud server environment. However, we find that their schemes cannot resist replay attacks. At the same time, the scheme also has loopholes in the mutual authentication stage and lack the mutual authentication key parameters, which lead to users and servers cannot authenticate each other. Therefore, this paper improves KUMARI’s scheme by adding time-stamp and necessary parameter storage. Security analysis shows that the improved scheme not only resists replay attacks, offline password guessing attacks and other common attacks, but also enables users and servers to perform effective authentication.

Key words: authentication scheme, cloud server, smart card, biometric technology, security

CLC Number:

TP309

Baoyuan KANG, Mingming XIE, Lin SI. Research on a Biometrics-based Multi-cloud Server Authentication Scheme[J]. Netinfo Security, 2019, 19(6): 45-52.

Figures/Tables 3

References 18

[1]	HE Debiao, ZEADALLY S, KUMAR N, et al.Efficient and Anonymous Mobile User Authentication Protocol Using Self-certified Public Key Cryptography for Multi-server Architectures[J]. IEEE Transactions on Information Forensics and Security, 2016, 11(9): 2052-2064.
[2]	MA Chunguang, WANG Ding, ZHAO Sendong.Security Flaws in Two Improved Remote User Authentication Schemes Using Smart Cards[J]. International Journal of Communication Systems, 2014, 27(10): 2215-2227.
[3]	XIE Qi.Improvement of a Security Enhanced One-time Two-factor Authentication and Key Agreement Scheme[J]. Scientia Iranica, 2012, 19(6): 1856-1860.
[4]	HE Debiao, CHEN Yitao, CHEN Jianhua.Cryptanalysis and Improvement of an Extended Chaotic Maps-based Key Agreement Protocol[J]. Nonlinear Dynamics, 2012, 69(3): 1149-1157.
[5]	MESSERGES T, DABBISH E, SLOAN R.Examining Smart-card Security under the Threat of Power Analysis Attacks[J]. IEEE Transactions on Computer, 2002, 51(5): 541-552.
[6]	LI Xiong, NIU Jianwei, KHAN M, et al.Robust Biometrics Based Three-factor Remote User Authentication Scheme with Key Agreement[C]//IEEE. International Symposium on Biometrics and Security Technologies, July 2, 2013, Chengdu, China. New Jersey: IEEE, 2013: 105-110.
[7]	YOON E, YOO K.Robust Biometrics-based Multi-server Authentication with Key Agreement Scheme for Smart Cards on Elliptic Curve Cryptosystem[J]. The Journal of Supercomputing, 2013, 63(1): 235-255.
[8]	HE Debiao, WANG Ding.Robust Biometrics-based Authentication Scheme for Multi-server Environment[J]. IEEE Systems Journal, 2015, 9(3): 816-823.
[9]	ODELU V, DAS A, GOSWAMI A.A Secure Biometrics-based Multi-server Authentication Protocol Using Smart Cards[J]. IEEE Transactions on Information Forensics and Security, 2015, 10(9): 1953-1966.
[10]	WU Fan, XU Lili, KUMARI S, et al.A Novel and Provably Secure Biometrics-based Three-factor Remote Authentication Scheme for Mobile client-server Networks[J]. Computer and Electronics Engineering, 2015, 45(C): 274-285.
[11]	SHEN H, GAO C, HE D, et al.New Biometrics-based Authentication Scheme for Multi-server Environment in Critical Systems[J]. Journal of Ambient Intelligence and Humanized Computing, 2015, 6(6): 825-834.
[12]	YOU Lin, LIANG Jiahao.Research on Secure Identity Authentication Based on Homonorphic Encryption and Biometric[J]. Netinfo Security, 2018, 18(4): 1-8.
	游林,梁家豪.基于同态加密与生物特征的安全身份认证研究[J].信息网络安全,2018,18(4):1-8.
[13]	CHUANG M C, CHEN Mengchang.An Anonymous Multi-server Authenticated Key Agreement Scheme Based on Trust Computing Using Smart Cards and Biometrics[J]. Expert Systems with Applications, 2014, 41(4): 1411-1418.
[14]	MISHRA D, DAS A, MUKHOPADHYAY S.A Secure User Anonymity-preserving Biometric-based Multi-server Authenticated Key Agreement Scheme Using Smart Cards[J]. Expert Systems with Applications, 2014, 41(18): 8129-8143.
[15]	LIN Hao, WEN Fengtong, DU Chunxia.An Improved Anonymous Multi-server Authenticated Key Agreement Scheme Using Smart Cards and Biometrics[J]. Wireless Personal Communications, 2015, 84(4): 2351-2362.
[16]	LU Yanrong, LI Lixiang, PENG Haipeng, et al.A Biometrics and Smart Cards-based Authentication Scheme for Multi-server Environments[J]. Security and Communication Networks, 2015, 8(17): 3219-3228.
[17]	ZHANG Lei, WANG Bin, YU Lili.A Hash Function-based Attribute Generalization Privacy Protection Scheme[J]. Netinfo Security, 2018, 18(3): 14-25.
	张磊,王斌,于莉莉.基于Hash函数的属性泛隐私保护方案[J].信息网络安全,2018,18(3):14-25.
[18]	KUMARI S, LI Xiong, WU Fan, et al. Design of a Provably Secure Biometrics-based Multi-cloud-server Authentication Scheme[EB/OL]. , 2018-1-22.

符号	描述
n, p	两个大素数
U_i, RA, CS_j	用户、注册机构、云服务器
E	攻击者
F_p	有限域
E_p	椭圆曲线
G	加法循环群
ID_i	U_i的身份
BiO_i	U_i的身份特征
SC_i	U_i的智能卡
S, P_uB	注册机构的私钥及公钥
$\oplus$	异或操作
h(.), H(.)	单项哈希函数
((V_i^)_x, (V_i^)_y)	(V_i^*)点的横纵坐标
Rec_i	RA对用户U_i的记录