About this Journal Submit a Manuscript Table of Contents
Journal of Biomedicine and Biotechnology
Volume 2012 (2012), Article ID 519723, 6 pages
http://dx.doi.org/10.1155/2012/519723
Research Article

Security Analysis and Enhancements of an Effective Biometric-Based Remote User Authentication Scheme Using Smart Cards

Division of Computer and Media Information Engineering, Kangnam University, 111, Gugal-dong, Giheung-gu, Yongin-si, Gyounggi-do, 446-702, Republic of Korea

Received 25 May 2012; Accepted 7 June 2012

Academic Editor: Sabah Mohammed

Copyright © 2012 Younghwa An. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Abstract

Recently, many biometrics-based user authentication schemes using smart cards have been proposed to improve the security weaknesses in user authentication system. In 2011, Das proposed an efficient biometric-based remote user authentication scheme using smart cards that can provide strong authentication and mutual authentication. In this paper, we analyze the security of Das’s authentication scheme, and we have shown that Das’s authentication scheme is still insecure against the various attacks. Also, we proposed the enhanced scheme to remove these security problems of Das’s authentication scheme, even if the secret information stored in the smart card is revealed to an attacker. As a result of security analysis, we can see that the enhanced scheme is secure against the user impersonation attack, the server masquerading attack, the password guessing attack, and the insider attack and provides mutual authentication between the user and the server.

1. Introduction

Recently, user authentication scheme in e-commerce and m-commerce has become one of important security issues. However, the security weaknesses in the remote user authentication scheme have been exposed seriously due to the careless password management and the sophisticated attack techniques. Several schemes [16] have been proposed to enhance the various security problems in user authentication schemes.

In traditional identity-based remote user authentications, the security of the remote user authentication is based on the passwords, but simple passwords are easy to break by simple dictionary attacks. To resolve the single-password authentication problems, several biometrics-based remote user authentication schemes [713] have been designed. Generally, biometrics-based remote user authentication is inherently more secure and reliable than the traditional authentication scheme. There are some advantages of using biometrics keys as compared to traditional passwords. (i)Biometric keys cannot be lost or forgotten. (ii)Biometric keys are very difficult to copy or share. (iii)Biometric keys are extremely hard to forge or distribute. (iv)Biometric keys cannot be guessed easily. (v)Someone’s biometrics is not easy to break than others.

In 2010, Li and Hwang [12] proposed an efficient biometrics-based remote user authentication scheme using smart cards. They claimed that their scheme not only keeps good properties (e.g., without synchronized clock, freely changes password, mutual authentication) but also provides nonrepudiation. But Das [13], in 2011, pointed out that Li-Hwang’s scheme does not resolve security drawbacks in login and authentication, security drawbacks in password change phase, and security drawbacks in verification of biometrics. Then, Das proposed more efficient biometrics-based remote user authentication scheme using smart cards which is secure against the user impersonation attack, the server masquerading attack, the parallel session attack, and the stolen password attack, and provide mutual authentication.

In this paper, we analyze the security of Das’s authentication scheme, and we have shown that Das’s authentication scheme is still vulnerable to the various attacks and does not provide mutual authentication between the user and the server. Also, we proposed the enhanced scheme to remove these security problems of Das’s authentication scheme, even if the secret information stored in the smart card is revealed to an attacker. To analyze the security analysis of Das’s authentication scheme, we assume that an attacker could obtain the secret values stored in the smart card by monitoring the power consumption [14, 15] and intercept messages communicating between the user and the server. Also, we assume that an attacker may possess the capabilities to thwart the security schemes.(a)An attacker has total control over the communication channel between the user and the server in the login and authentication phase. That is, the attacker may intercept, insert, delete, or modify any message across the communication procedures.(b)An attacker may (i) either steal a user’s smart card and then extract the secret values stored in the smart card, (ii) or steal a user’s password, but cannot commit both of (i) and (ii) at a time.

Obviously, if both of the user’s smart card and password was stolen at the same time, then there is no way to prevent an attacker from impersonating as the user. Therefore, a remote user authentication scheme should be secure if only one case out of (i) and (ii) is happening.

This paper is organized as follows. In Section 2, we briefly review Das’s authentication scheme. In Section 3, we describe the security analysis of Das’s authentication scheme. The enhanced scheme is presented in Section 4, and security analysis of the enhanced scheme is given in Section 5. Finally, the conclusions are presented in Section 6.

2. Reviews of Das’s Scheme

In 2011, Das proposed an improved biometrics-based remote user authentication scheme using smart cards. This scheme is composed of three phases: registration phase, login phase, and authentication phase. The notations used in this paper are as follows shown in Table 1.

tab1
Table 1: Notations used in this paper.
2.1. Registration Phase

Before logging in the remote server 𝑆𝑖, a user 𝐶𝑖 initially has to register to the trusted registration centre 𝑅𝑖 as the following steps.(R1)𝐶𝑖 submits his identity ID𝑖 and password PW𝑖 to 𝑅𝑖 through a secure channel. Also, the user submits his biometrics information 𝐵𝑖 on the specific device to 𝑅𝑖.(R2)𝑅𝑖 computes 𝑓𝑖=(𝐵𝑖), 𝑟𝑖=(PW𝑖)𝑓𝑖 and 𝑒𝑖=(ID𝑖𝑋𝑠)𝑟𝑖, where 𝑋𝑠 is a secret value generated by the server.(R3)𝑅𝑖 stores (ID𝑖,(),𝑓𝑖,𝑒𝑖,𝑟𝑖) on the user’s smart card and sends it to the user via a secure channel.

2.2. Login Phase

When the user 𝐶𝑖 wants to log in the remote server 𝑆𝑖, the user has to perform the following steps. (L1)𝐶𝑖 inserts his smart card into a card reader and inputs the personal biometrics information 𝐵𝑖 on the specific device to verify the user’s biometrics. If the biometrics information matches the template stored in the system, 𝐶𝑖 passes the biometrics verification.(L2)𝐶𝑖 inputs the ID𝑖 and PW𝑖, and then the smart card computes 𝑟𝑖=(PW𝑖)𝑓𝑖. If 𝑟𝑖 equals 𝑟𝑖, the smart card computes the following equations, where 𝑅𝑐 is a random number generated by the smart card: 𝑀1=𝑒𝑖𝑟𝑖𝑀2=𝑀1𝑅𝑐𝑀3𝑅=𝑐(1) (L3)𝐶𝑖 sends the login request message {ID𝑖,𝑀2,𝑀3} to 𝑆𝑖.

2.3. Authentication Phase

After receiving the request login message, the remote server 𝑆𝑖 has to perform the following steps with the user 𝐶𝑖 to authenticate each other.(A1)𝑆𝑖 checks the format of ID𝑖. (A2) If the ID𝑖 is valid, 𝑆𝑖 computes 𝑀4=(ID𝑖𝑋𝑠) and 𝑀5=𝑀2𝑀4.(A3)𝑆𝑖 verifies whether 𝑀3=(𝑀5) or not. If they are equal, 𝑆𝑖 computes the following equations, where 𝑅𝑠 is a random number generated by the server: 𝑀6=𝑀4𝑅𝑠,𝑀7𝑀=2𝑀5,𝑀8𝑅=𝑠.(2)(A4) Then, 𝑆𝑖 sends the message {𝑀6,𝑀7,𝑀8} to 𝐶𝑖.(A5) After receiving the reply message, 𝐶𝑖 verifies whether 𝑀7=(𝑀2𝑅𝑐) or not. If they are equal, 𝐶𝑖 computes 𝑀9=𝑀6𝑀1.(A6)𝐶𝑖 verifies whether 𝑀8=(𝑀9) or not. If they are equal, 𝐶𝑖 computes 𝑀10=(𝑀6𝑀9).(A7) Then, 𝐶𝑖 sends the message {𝑀10} to 𝑆𝑖.(A8) After receiving the message, 𝑆𝑖 verifies whether 𝑀10=(𝑀6𝑅𝑠) or not. If they are equal, 𝑆𝑖 accepts the user’s login request.

3. Security Analysis of Das’s Scheme

In this section, we will analyze the security of Das’s scheme. To analyze the security weaknesses, we assume that an attacker could obtain the secret values stored in the smart card by monitoring the power consumption [14, 15] and intercepting messages communicating between the user and the server. Under this assumption, we will discuss the various attacks, such as the user impersonation attack, the server masquerading attack, the password guessing attack, the insider attack, and the mutual authentication between the user and the server.

3.1. User Impersonation Attack

If the attacker can obtain the secret values (𝑒𝑖, 𝑟𝑖) from the user’s smart card illegally by some means and intercept the message {ID𝑖,𝑀2,𝑀3} in the login phase, the attacker can perform the user impersonation attack as the following steps. The procedure of the user impersonation attack is illustrated in Figure 1.(UA1) The attacker 𝐴𝑖 computes the following equations, where 𝑅𝑎𝑐 is a random number chosen by the attacker: 𝑀𝑎1=𝑒𝑖𝑟𝑖,𝑀𝑎2=𝑀𝑎1𝑅𝑎𝑐,𝑀𝑎3𝑅=𝑎𝑐.(3)(UA2) Then, 𝐴𝑖 sends the forged message {ID𝑖,𝑀𝑎2,𝑀𝑎3} to the remote server 𝑆𝑖.(UA3) Upon receiving the forged message, 𝑆𝑖 checks the format of ID𝑖. If it holds, 𝑆𝑖 computes 𝑀4=(ID𝑖𝑋𝑠) and 𝑀5=𝑀𝑎2𝑀4.(UA4)𝑆𝑖 verifies whether 𝑀𝑎3=(𝑀5) or not. If they are equal, 𝑆𝑖 will be convinced the message {ID𝑖,𝑀𝑎2,𝑀𝑎3} sent from the legal user. (UA5) Then, 𝑆𝑖 makes the reply message {𝑀6,𝑀7,𝑀8} by computing 𝑀6=𝑀4𝑅𝑠, 𝑀7=(𝑀𝑎2𝑀5) and 𝑀8=(𝑅𝑠) in the authentication phase.

519723.fig.001
Figure 1: User impersonation attack and server masquerading attack.
3.2. Server Masquerading Attack

If the attacker can obtain the secret values (𝑒𝑖,𝑟𝑖) from the user’s smart card illegally by some means and intercept the message {𝑀2} in the login phase and {𝑀6,𝑀7,𝑀8} in the authentication phase, the attacker can perform the server masquerading attack as the following steps. The procedure of the server masquerading attack is illustrated in Figure 1.(SA1) The attacker 𝐴𝑖 computes the following equations, where 𝑅𝑎𝑠 is a random number chosen by the attacker: 𝑀𝑎4=𝑒𝑖𝑟𝑖,𝑀𝑎5=𝑀2𝑀𝑎4,𝑀𝑎6=𝑀𝑎4𝑅𝑎𝑠,𝑀𝑎7𝑀=2𝑀𝑎5,𝑀𝑎8𝑅=𝑎𝑠.(4)(SA2) Then, 𝐴𝑖 sends the forged message {𝑀𝑎6,𝑀𝑎7,𝑀𝑎8} to the user 𝐶𝑖.(SA3) Upon receiving the forged message, 𝐶𝑖 checks whether 𝑀𝑎7=(𝑀2𝑅𝑐) or not. If they are equal, 𝐶𝑖 computes 𝑀9=𝑀𝑎6𝑀1.(SA4)𝐶𝑖 verifies whether 𝑀𝑎8=(𝑀9) or not. If it holds, 𝐶𝑖 will be convinced the message {𝑀𝑎6,𝑀𝑎7,𝑀𝑎8} sent from the legal server. (SA5) Then, 𝐶𝑖 makes the reply massage {𝑀10} by computing 𝑀10=(𝑀𝑎6𝑀9) in the authentication phase.

3.3. Password Guessing Attack

If an attacker can extract the secret values (𝑟𝑖,𝑓𝑖) from the legal user’s smart card by some means, the attacker can easily find out PW𝑖 by performing the password guessing attack, in which each guess PW𝑖 for PW𝑖 can be verified as the following steps.(PA1) The attacker 𝐴𝑖 computes the secret parameter 𝑟𝑖=(PW𝑖)𝑓𝑖 from the registration phase.(PA2)𝐴𝑖 verifies the correctness of PW𝑖 by checking 𝑟𝑖=𝑟𝑖.(PA3)𝐴𝑖 repeats the above steps until a correct password PW𝑖 is found.

Thus, the attacker can perform the password guessing attack, and can successfully impersonate the legal user with the guessed user password.

3.4. Insider Attack

In the registration phase, if the user’s password PW𝑖 and biometrics information 𝐵𝑖 are revealed to the server, the insider of the server may directly obtain the user’s password and biometrics information. Thus, the insider of the server as an attacker can impersonate as the legal user to access the user’s other accounts in other server if the user uses the same password for the other accounts.

3.5. Mutual Authentication

Generally, if authentication scheme is insecure against user impersonation attack and server masquerading attack, the authentication schemes cannot provide mutual authentication between the user and the remote server. Therefore, Das’s scheme fails to provide mutual authentication as described in Sections 3.1 and 3.2. Namely, if the attacker can obtain the secret values (𝑒𝑖, 𝑟𝑖) from the legal user’s smart card by some means and intercept the messages communicating between the user and the server, the attacker can make the forged messages easily by computing 𝑀𝑎1=𝑒𝑖𝑟𝑖, 𝑀𝑎2=𝑀𝑎1𝑅𝑎𝑐, and 𝑀𝑎3=(𝑅𝑎𝑐) in the login phase. Also, the attacker can make the forged messages easily by computing 𝑀𝑎6=𝑀𝑎4𝑅𝑎𝑠, 𝑀𝑎7=(𝑀2𝑀𝑎5), and 𝑀𝑎8=(𝑅𝑎𝑠) in the authentication phase.

4. The Enhanced Scheme

In this section, we propose an enhanced Das’s scheme which not only can withstand the various attacks, but also provide mutual authentication between the user and the server. The enhanced scheme is divided into three phases: registration phase, login phase, and authentication phase.

4.1. Registration Phase

Before logging to the remote server 𝑆𝑖, a user 𝐶𝑖 initially has to register to the trusted registration centre 𝑅𝑖 as the following steps. The registration phase is illustrated in Figure 2.(R1)𝐶𝑖 submits his identity ID𝑖 and password information (PW𝑖𝐾) to 𝑅𝑖 through a secure channel. Also the user submits his biometrics information (𝐵𝑖𝐾) via the specific device to 𝑅𝑖, where 𝐾 is a random number generated by 𝐶𝑖.(R2)𝑅𝑖 computes 𝑓𝑖=(𝐵𝑖𝐾), 𝑟𝑖=(PW𝑖𝐾)𝑓𝑖 and 𝑒𝑖=(ID𝑖𝑋𝑠)𝑟𝑖, where 𝑋𝑠 is a secret value generated by the server.(R3)𝑅𝑖 stores (ID𝑖,(),𝑓𝑖,𝑒𝑖) on the user’s smart card and sends it to the user via a secure channel. And 𝐶𝑖 stores random number 𝐾 into the smart card issued by 𝑅𝑖.

519723.fig.002
Figure 2: Registration phase of the enhanced scheme.
4.2. Login Phase

When the user 𝐶𝑖 wants to login the remote server 𝑆𝑖, the user has to perform the following steps. The login phase and authentication phase are illustrated in Figure 3.(L1)𝐶𝑖 inserts his smart card into a card reader and inputs the biometrics information 𝐵𝑖 on the specific device to verify user’s biometrics. If the biometrics information (𝐵𝑖𝐾) matches 𝑓𝑖 stored in the system, 𝐶𝑖 passes the biometrics verification.(L2)𝐶𝑖 inputs the ID𝑖 and PW𝑖, and then the smart card computes the following equations, where 𝑅𝑐 is a random number generated by the user: 𝑟𝑖=PW𝑖𝐾𝑓𝑖,𝑀1=𝑒𝑖𝑟𝑖,𝑀2=𝑀1𝑅𝑐,𝑀3𝑀=1𝑅𝑐.(5)(L3)𝐶𝑖 sends the login request message {ID𝑖,𝑀2,𝑀3} to 𝑆𝑖.

519723.fig.003
Figure 3: Login phase and authentication phase of the enhanced scheme.
4.3. Authentication Phase

After receiving the request login message, the remote server 𝑆𝑖 has to perform the following steps with the user 𝐶𝑖 to authenticate each other.(A1)𝑆𝑖 checks the format of ID𝑖.(A2) If the ID𝑖 is valid, 𝑆𝑖 computes 𝑀4=(ID𝑖𝑋𝑠) and 𝑀5=𝑀2𝑀4.(A3)𝑆𝑖 verifies whether 𝑀3=(𝑀4𝑀5) or not. If they are equal, 𝑆𝑖 computes the following equations, where 𝑅𝑠 is a random number generated by the server: 𝑀6=𝑀4𝑅𝑠,𝑀7𝑀=4𝑅𝑠.(6)(A4) Then, 𝑆𝑖 sends the message {𝑀6,𝑀7} to 𝐶𝑖.(A5) After receiving the reply message, 𝐶𝑖 computes 𝑀8=𝑀6𝑀1 and verifies whether 𝑀7=(𝑀1𝑀8) or not. If they are equal, 𝐶𝑖 computes 𝑀9=(𝑀1𝑅𝑐𝑀8). (A6) Then, 𝐶𝑖 sends the message {𝑀9} for authentication to 𝑆𝑖.(A7) After receiving the message, 𝑆𝑖 verifies whether 𝑀9=(𝑀4𝑀5𝑅𝑠) or not. If they are equal, 𝑆𝑖 accepts the user’s login request.

5. Security Analysis of the Enhanced Scheme

In this scheme, we will provide the security analysis of the enhanced scheme based on the password and biometrics information. To analyze the security of the enhanced scheme, we assume that an attacker can access a user’s smart card and extract the secret values stored in the smart card by some means [14, 15], and intercept the messages communicating between the user and the server.

5.1. User Impersonation Attack

To impersonate as the legitimate user, an attacker attempts to make a forged login request message which can be authenticated to the server. However, the attacker cannot impersonate as the legitimate user by forging the login request message even if the attacker can extract the secret values (𝑓𝑖,𝑒𝑖) stored in the user’s smart card, because the attacker cannot compute the login request message (𝑀2,𝑀3) without knowing the secret value 𝑋𝑠 kept by the server. Hence, the attacker has no chance to login to the enhanced scheme by launching the user impersonation attack.

5.2. Server Masquerading Attack

To masquerade as the legitimate server, an attacker attempts to make the forged reply message which can be masqueraded to the user when receiving the user’s login request message. However, the attacker cannot masquerade as the server by forging the reply message, because the attacker cannot compute (𝑀6,𝑀7) sending to the user without knowing the secret value 𝑋𝑠 kept by the server. Hence, the attacker cannot masquerade as the legitimate server to the user by launching the server masquerading attack.

5.3. Password Guessing Attack

After the attacker extracts the secret values (𝑓𝑖,𝑒𝑖,𝐾) stored in the user’s smart card under the described assumption, the attacker attempts to derive the user’s password PW𝑖 using 𝑟𝑖=(PW𝑖𝐾)𝑓𝑖 in the registration phase. However, the attacker cannot guess the user’s password PW𝑖 using the secret values extracted from the legitimate user’s smart card, because the attacker cannot compute the secret value 𝑟𝑖 without knowing the secret value 𝑋𝑠 kept by the server.

5.4. Insider Attack

In the registration phase, if the user’s password PW𝑖 and the biometrics information 𝐵𝑖 are revealed to the server, the insider of the server may directly obtain PW𝑖 and 𝐵𝑖 and impersonate as the user to access user’s other accounts in other server. But, the enhanced scheme is secure against the insider attack, because the user submits (PW𝑖𝐾) instead of 𝑃𝑊𝑖 and (𝐵𝑖𝐾) instead of 𝐵𝑖.

5.5. Mutual Authentication

As described in Sections 5.1 and 5.2, the enhanced scheme can withstand the user impersonation attack and the server masquerading attack, consequently the proposed scheme provides mutual authentication between the user and the remote server. Namely, even if the attacker can extract the secret values (𝑓𝑖,𝑒𝑖) stored in the user’s smart card, the user can be authenticated to the server and the server can be authenticated to the user. Because the attacker cannot make the login request message {ID𝑖,𝑀2,𝑀3} and the reply message {𝑀6,𝑀7} without knowing the secret value 𝑋𝑠 kept by the server.

5.6. Security Comparison of the Related Scheme and the Enhanced Scheme

The security analysis of the related scheme and the enhanced scheme is summarized in Table 2. The enhanced scheme is relatively more secure than Li-Hwang’s and Das’s scheme. In addition, the enhanced scheme provides mutual authentication between the user and the server.

tab2
Table 2: Security comparison of the related scheme and the enhanced scheme.

6. Conclusions

In this paper, we analyzed the security of Das’s scheme. And we have shown that Das’s scheme is not secure against the various attacks and fails to provide mutual authentication between the user and the server. Also, we proposed the enhanced scheme to overcome these security weaknesses, while preserving all their merits, even if the secret information stored in the smart card is revealed. As a result of security analysis, the enhanced scheme is secure against the user impersonation attack, the server masquerading attack, and the password guessing attack, the insider attack and provides mutual authentication between the user and the server.

Acknowledgment

This work was supported by Kangnam University Research grant.

References

  1. L. Lamport, “Password authentication with insecure communication,” Communications of the ACM, vol. 24, no. 11, pp. 770–772, 1981. View at Publisher · View at Google Scholar · View at Scopus
  2. M. S. Hwang and L. H. Li, “A new remote user authentication scheme using smart cards,” IEEE Transactions on Consumer Electronics, vol. 46, no. 1, pp. 28–30, 2000. View at Scopus
  3. E. J. Yoon, E. K. Ryu, and K. Y. Yoo, “Further improvement of an efficient password based remote user authentication scheme using smart cards,” IEEE Transactions on Consumer Electronics, vol. 50, no. 2, pp. 612–614, 2004. View at Publisher · View at Google Scholar · View at Scopus
  4. M. L. Das, A. Saxena, and V. P. Gulati, “A dynamic ID-based remote user authentication scheme,” IEEE Transactions on Consumer Electronics, vol. 50, no. 2, pp. 629–631, 2004. View at Publisher · View at Google Scholar · View at Scopus
  5. C. W. Lin, C. S. Tsai, and M. S. Hwang, “A new strong-password authentication scheme using one-way Hash functions,” Journal of Computer and Systems Sciences International, vol. 45, no. 4, pp. 623–626, 2006. View at Publisher · View at Google Scholar · View at Scopus
  6. C. S. Bindu, P. Reddy, and B. Satyanarayana, “Improved remote user authentication scheme preserving user anonymity,” International Journal of Computer Science and Network Security, vol. 83, pp. 62–66, 2008.
  7. W. C. Ku, S. T. Chang, and M. H. Chiang, “Further cryptanalysis of fingerprint-based remote user authentication scheme using smartcards,” Electronics Letters, vol. 41, no. 5, pp. 240–241, 2005. View at Publisher · View at Google Scholar · View at Scopus
  8. M. K. Khan and J. Zhang, “An efficient and practical fingerprint-based remote user authentication scheme with smart cards,” Lecture Notes in Computer Science, vol. 3903, pp. 260–268, 2006. View at Publisher · View at Google Scholar · View at Scopus
  9. A. Baig, A. Bouridane, F. Kurugollu, and G. Qu, “Fingerprint-Iris fusion based identification system using a single hamming distance matcher,” International Journal of Bio-Science and Bio-Technology, vol. 1, no. 1, pp. 47–58, 2009. View at Scopus
  10. J. Pedraza, M. A. Patricio, A. de Asís, and J. M. Molina, “Privacy and legal requirements for developing biometric identification software in context-based applications,” International Journal of Bio-Science and Bio-Technology, vol. 2, no. 1, pp. 13–24, 2010. View at Scopus
  11. C. C. Chang, S.C. Chang, and Y.W. Lai, “An improved biometrics-based user authentication scheme without concurrency system,” International Journal of Intelligent Information Processing, vol. 1, no. 1, pp. 41–49, 2010.
  12. C. T. Li and M. S. Hwang, “An efficient biometrics-based remote user authentication scheme using smart cards,” Journal of Network and Computer Applications, vol. 33, no. 1, pp. 1–5, 2010. View at Publisher · View at Google Scholar · View at Scopus
  13. A. K. Das, “Analysis and Improvement on an efficient biometric-based remote user authentication scheme using smart cards,” IET Information Security, vol. 5, no. 3, pp. 541–552, 2011.
  14. P. Kocher, J. Jaffe, and B. Jun, “Differential power analysis,” Proceedings of Advances in Cryptology, pp. 388–397, 1999.
  15. T. S. Messerges, E. A. Dabbish, and R. H. Sloan, “Examining smart-card security under the threat of power analysis attacks,” IEEE Transactions on Computers, vol. 51, no. 5, pp. 541–552, 2002. View at Publisher · View at Google Scholar · View at Scopus