Abstract
Recently, many biometrics-based user authentication schemes using smart cards have been proposed to improve the security weaknesses in user authentication system. In 2011, Das proposed an efficient biometric-based remote user authentication scheme using smart cards that can provide strong authentication and mutual authentication. In this paper, we analyze the security of Das’s authentication scheme, and we have shown that Das’s authentication scheme is still insecure against the various attacks. Also, we proposed the enhanced scheme to remove these security problems of Das’s authentication scheme, even if the secret information stored in the smart card is revealed to an attacker. As a result of security analysis, we can see that the enhanced scheme is secure against the user impersonation attack, the server masquerading attack, the password guessing attack, and the insider attack and provides mutual authentication between the user and the server.
1. Introduction
Recently, user authentication scheme in e-commerce and m-commerce has become one of important security issues. However, the security weaknesses in the remote user authentication scheme have been exposed seriously due to the careless password management and the sophisticated attack techniques. Several schemes [1–6] have been proposed to enhance the various security problems in user authentication schemes.
In traditional identity-based remote user authentications, the security of the remote user authentication is based on the passwords, but simple passwords are easy to break by simple dictionary attacks. To resolve the single-password authentication problems, several biometrics-based remote user authentication schemes [7–13] have been designed. Generally, biometrics-based remote user authentication is inherently more secure and reliable than the traditional authentication scheme. There are some advantages of using biometrics keys as compared to traditional passwords. (i)Biometric keys cannot be lost or forgotten. (ii)Biometric keys are very difficult to copy or share. (iii)Biometric keys are extremely hard to forge or distribute. (iv)Biometric keys cannot be guessed easily. (v)Someone’s biometrics is not easy to break than others.
In 2010, Li and Hwang [12] proposed an efficient biometrics-based remote user authentication scheme using smart cards. They claimed that their scheme not only keeps good properties (e.g., without synchronized clock, freely changes password, mutual authentication) but also provides nonrepudiation. But Das [13], in 2011, pointed out that Li-Hwang’s scheme does not resolve security drawbacks in login and authentication, security drawbacks in password change phase, and security drawbacks in verification of biometrics. Then, Das proposed more efficient biometrics-based remote user authentication scheme using smart cards which is secure against the user impersonation attack, the server masquerading attack, the parallel session attack, and the stolen password attack, and provide mutual authentication.
In this paper, we analyze the security of Das’s authentication scheme, and we have shown that Das’s authentication scheme is still vulnerable to the various attacks and does not provide mutual authentication between the user and the server. Also, we proposed the enhanced scheme to remove these security problems of Das’s authentication scheme, even if the secret information stored in the smart card is revealed to an attacker. To analyze the security analysis of Das’s authentication scheme, we assume that an attacker could obtain the secret values stored in the smart card by monitoring the power consumption [14, 15] and intercept messages communicating between the user and the server. Also, we assume that an attacker may possess the capabilities to thwart the security schemes.(a)An attacker has total control over the communication channel between the user and the server in the login and authentication phase. That is, the attacker may intercept, insert, delete, or modify any message across the communication procedures.(b)An attacker may (i) either steal a user’s smart card and then extract the secret values stored in the smart card, (ii) or steal a user’s password, but cannot commit both of (i) and (ii) at a time.
Obviously, if both of the user’s smart card and password was stolen at the same time, then there is no way to prevent an attacker from impersonating as the user. Therefore, a remote user authentication scheme should be secure if only one case out of (i) and (ii) is happening.
This paper is organized as follows. In Section 2, we briefly review Das’s authentication scheme. In Section 3, we describe the security analysis of Das’s authentication scheme. The enhanced scheme is presented in Section 4, and security analysis of the enhanced scheme is given in Section 5. Finally, the conclusions are presented in Section 6.
2. Reviews of Das’s Scheme
In 2011, Das proposed an improved biometrics-based remote user authentication scheme using smart cards. This scheme is composed of three phases: registration phase, login phase, and authentication phase. The notations used in this paper are as follows shown in Table 1.
2.1. Registration Phase
Before logging in the remote server , a user initially has to register to the trusted registration centre as the following steps.(R1) submits his identity and password to through a secure channel. Also, the user submits his biometrics information on the specific device to .(R2) computes , and , where is a secret value generated by the server.(R3) stores () on the user’s smart card and sends it to the user via a secure channel.
2.2. Login Phase
When the user wants to log in the remote server , the user has to perform the following steps. (L1) inserts his smart card into a card reader and inputs the personal biometrics information on the specific device to verify the user’s biometrics. If the biometrics information matches the template stored in the system, passes the biometrics verification.(L2) inputs the and , and then the smart card computes . If equals , the smart card computes the following equations, where is a random number generated by the smart card: (L3) sends the login request message to .
2.3. Authentication Phase
After receiving the request login message, the remote server has to perform the following steps with the user to authenticate each other.(A1) checks the format of . (A2) If the is valid, computes and .(A3) verifies whether or not. If they are equal, computes the following equations, where is a random number generated by the server: (A4) Then, sends the message to .(A5) After receiving the reply message, verifies whether or not. If they are equal, computes .(A6) verifies whether or not. If they are equal, computes .(A7) Then, sends the message to .(A8) After receiving the message, verifies whether or not. If they are equal, accepts the user’s login request.
3. Security Analysis of Das’s Scheme
In this section, we will analyze the security of Das’s scheme. To analyze the security weaknesses, we assume that an attacker could obtain the secret values stored in the smart card by monitoring the power consumption [14, 15] and intercepting messages communicating between the user and the server. Under this assumption, we will discuss the various attacks, such as the user impersonation attack, the server masquerading attack, the password guessing attack, the insider attack, and the mutual authentication between the user and the server.
3.1. User Impersonation Attack
If the attacker can obtain the secret values (, ) from the user’s smart card illegally by some means and intercept the message in the login phase, the attacker can perform the user impersonation attack as the following steps. The procedure of the user impersonation attack is illustrated in Figure 1.(UA1) The attacker computes the following equations, where is a random number chosen by the attacker: (UA2) Then, sends the forged message to the remote server .(UA3) Upon receiving the forged message, checks the format of . If it holds, computes and .(UA4) verifies whether or not. If they are equal, will be convinced the message sent from the legal user. (UA5) Then, makes the reply message by computing , and in the authentication phase.
3.2. Server Masquerading Attack
If the attacker can obtain the secret values from the user’s smart card illegally by some means and intercept the message in the login phase and in the authentication phase, the attacker can perform the server masquerading attack as the following steps. The procedure of the server masquerading attack is illustrated in Figure 1.(SA1) The attacker computes the following equations, where is a random number chosen by the attacker: (SA2) Then, sends the forged message to the user .(SA3) Upon receiving the forged message, checks whether or not. If they are equal, computes .(SA4) verifies whether or not. If it holds, will be convinced the message sent from the legal server. (SA5) Then, makes the reply massage by computing in the authentication phase.
3.3. Password Guessing Attack
If an attacker can extract the secret values (,) from the legal user’s smart card by some means, the attacker can easily find out by performing the password guessing attack, in which each guess for can be verified as the following steps.(PA1) The attacker computes the secret parameter from the registration phase.(PA2) verifies the correctness of by checking .(PA3) repeats the above steps until a correct password is found.
Thus, the attacker can perform the password guessing attack, and can successfully impersonate the legal user with the guessed user password.
3.4. Insider Attack
In the registration phase, if the user’s password and biometrics information are revealed to the server, the insider of the server may directly obtain the user’s password and biometrics information. Thus, the insider of the server as an attacker can impersonate as the legal user to access the user’s other accounts in other server if the user uses the same password for the other accounts.
3.5. Mutual Authentication
Generally, if authentication scheme is insecure against user impersonation attack and server masquerading attack, the authentication schemes cannot provide mutual authentication between the user and the remote server. Therefore, Das’s scheme fails to provide mutual authentication as described in Sections 3.1 and 3.2. Namely, if the attacker can obtain the secret values (, ) from the legal user’s smart card by some means and intercept the messages communicating between the user and the server, the attacker can make the forged messages easily by computing , , and in the login phase. Also, the attacker can make the forged messages easily by computing , , and in the authentication phase.
4. The Enhanced Scheme
In this section, we propose an enhanced Das’s scheme which not only can withstand the various attacks, but also provide mutual authentication between the user and the server. The enhanced scheme is divided into three phases: registration phase, login phase, and authentication phase.
4.1. Registration Phase
Before logging to the remote server , a user initially has to register to the trusted registration centre as the following steps. The registration phase is illustrated in Figure 2.(R1) submits his identity and password information () to through a secure channel. Also the user submits his biometrics information () via the specific device to , where is a random number generated by .(R2) computes , and , where is a secret value generated by the server.(R3) stores () on the user’s smart card and sends it to the user via a secure channel. And stores random number into the smart card issued by .
4.2. Login Phase
When the user wants to login the remote server , the user has to perform the following steps. The login phase and authentication phase are illustrated in Figure 3.(L1) inserts his smart card into a card reader and inputs the biometrics information on the specific device to verify user’s biometrics. If the biometrics information matches stored in the system, passes the biometrics verification.(L2) inputs the and , and then the smart card computes the following equations, where is a random number generated by the user: (L3) sends the login request message ,, to .
4.3. Authentication Phase
After receiving the request login message, the remote server has to perform the following steps with the user to authenticate each other.(A1) checks the format of .(A2) If the is valid, computes and .(A3) verifies whether or not. If they are equal, computes the following equations, where is a random number generated by the server: (A4) Then, sends the message to .(A5) After receiving the reply message, computes and verifies whether or not. If they are equal, computes . (A6) Then, sends the message for authentication to .(A7) After receiving the message, verifies whether or not. If they are equal, accepts the user’s login request.
5. Security Analysis of the Enhanced Scheme
In this scheme, we will provide the security analysis of the enhanced scheme based on the password and biometrics information. To analyze the security of the enhanced scheme, we assume that an attacker can access a user’s smart card and extract the secret values stored in the smart card by some means [14, 15], and intercept the messages communicating between the user and the server.
5.1. User Impersonation Attack
To impersonate as the legitimate user, an attacker attempts to make a forged login request message which can be authenticated to the server. However, the attacker cannot impersonate as the legitimate user by forging the login request message even if the attacker can extract the secret values stored in the user’s smart card, because the attacker cannot compute the login request message without knowing the secret value kept by the server. Hence, the attacker has no chance to login to the enhanced scheme by launching the user impersonation attack.
5.2. Server Masquerading Attack
To masquerade as the legitimate server, an attacker attempts to make the forged reply message which can be masqueraded to the user when receiving the user’s login request message. However, the attacker cannot masquerade as the server by forging the reply message, because the attacker cannot compute sending to the user without knowing the secret value kept by the server. Hence, the attacker cannot masquerade as the legitimate server to the user by launching the server masquerading attack.
5.3. Password Guessing Attack
After the attacker extracts the secret values stored in the user’s smart card under the described assumption, the attacker attempts to derive the user’s password using in the registration phase. However, the attacker cannot guess the user’s password using the secret values extracted from the legitimate user’s smart card, because the attacker cannot compute the secret value without knowing the secret value kept by the server.
5.4. Insider Attack
In the registration phase, if the user’s password and the biometrics information are revealed to the server, the insider of the server may directly obtain and and impersonate as the user to access user’s other accounts in other server. But, the enhanced scheme is secure against the insider attack, because the user submits instead of and instead of .
5.5. Mutual Authentication
As described in Sections 5.1 and 5.2, the enhanced scheme can withstand the user impersonation attack and the server masquerading attack, consequently the proposed scheme provides mutual authentication between the user and the remote server. Namely, even if the attacker can extract the secret values stored in the user’s smart card, the user can be authenticated to the server and the server can be authenticated to the user. Because the attacker cannot make the login request message and the reply message without knowing the secret value kept by the server.
5.6. Security Comparison of the Related Scheme and the Enhanced Scheme
The security analysis of the related scheme and the enhanced scheme is summarized in Table 2. The enhanced scheme is relatively more secure than Li-Hwang’s and Das’s scheme. In addition, the enhanced scheme provides mutual authentication between the user and the server.
6. Conclusions
In this paper, we analyzed the security of Das’s scheme. And we have shown that Das’s scheme is not secure against the various attacks and fails to provide mutual authentication between the user and the server. Also, we proposed the enhanced scheme to overcome these security weaknesses, while preserving all their merits, even if the secret information stored in the smart card is revealed. As a result of security analysis, the enhanced scheme is secure against the user impersonation attack, the server masquerading attack, and the password guessing attack, the insider attack and provides mutual authentication between the user and the server.
Acknowledgment
This work was supported by Kangnam University Research grant.