Skip to main content
SpringerLink
Log in

A Biometric based Remote User Authentication Technique Using Smart Card in Multi-Server Environment

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

Remote user authentication is an efficient technique to perform secure communication over an insecure network.In this current research article, a lightweight remote user authentication scheme using smart card is proposed. The proposed scheme is a multi-server authentication mechanism where user biometric plays a prominent role. Here, the user is provided the freedom of selecting his or her service according to its requirement. Registration center selects the server according to the service selected by the user and provides a handshaking between user and server. Both user and server have to mutually authenticate each other to an authorized registration center by message passing. By this technique, finally a session key is generated which is used to perform further communication. Security analysis of the proposed method proves its robustness and comparative analysis with some existing schemes provides the superiority.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7

Similar content being viewed by others

References

  1. Lamport, L. (1981). Password authentication with insecure communication. Commun. ACM, 24(11), 770–772.

    Article  MathSciNet  Google Scholar 

  2. Shamir, A., et al. (1984). Identity-based cryptosystems and signature schemes. Workshop on the Theory and Application of Cryptographic Techniques (pp. 47–53). Berlin: Springer.

    Google Scholar 

  3. ElGamal, T. (1985). A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans. Inf. Theory, 31(4), 469–472.

    Article  MathSciNet  MATH  Google Scholar 

  4. Chang, C.-C., & Wu, T.-C. (1991). Remote password authentication with smart cards. IEE Proc. E (Comut. Digit. Tech.), 138(3), 165–168.

    Article  Google Scholar 

  5. Hwang, M.-S., & Li, L.-H. (2000). A new remote user authentication scheme using smart cards. IEEE Trans. Consum. Electron., 46(1), 28–30.

    Article  Google Scholar 

  6. Li, L.-H., Lin, L.-C., & Hwang, M.-S. (2001). A remote password authentication scheme for multiserver architecture using neural networks. IEEE Trans. Neural Netw., 12(6), 1498–1504.

    Article  Google Scholar 

  7. Lin, I.-C., Hwang, M.-S., & Li, L.-H. (2003). A new remote user authentication scheme for multi-server architecture. Future Gener. Comput. Syst., 19(1), 13–22.

    Article  MATH  Google Scholar 

  8. Das, M. L., Saxena, A., & Gulati, V. P. (2004). A dynamic id-based remote user authentication scheme. IEEE Trans. Consum. Electron., 50(2), 629–631.

    Article  Google Scholar 

  9. Lin, C.-H., & Lai, Y.-Y. (2004). A flexible biometrics remote user authentication scheme. Comput. Standards Interfaces, 27(1), 19–23.

    Article  Google Scholar 

  10. Kong, A., Cheung, K.-H., Zhang, D., Kamel, M., & You, J. (2006). An analysis of biohashing and its variants. Pattern Recogn., 39(7), 1359–1368.

    Article  MATH  Google Scholar 

  11. Mangard, S., Oswald, E., & Popp, T. (2008). Power Analysis Attacks: Revealing the Secrets of Smart Cards. Dodrecht: Springer.

    MATH  Google Scholar 

  12. Xiao, Feng-xia, & Dan, Jing. (2009). A more efficient and secure dynamic ID-based remote user authentication scheme. Comput. Commun., 32(4), 583–585.

    Article  Google Scholar 

  13. Liao, Y.-P., & Wang, S.-S. (2009). A secure dynamic ID based remote user authentication scheme for multi-server environment. Comput. Standards Interfaces, 31(1), 24–29.

    Article  Google Scholar 

  14. Hsiang, H.-C., & Shih, W.-K. (2009). Improvement of the secure dynamic ID based remote user authentication scheme for multi-server environment. Comput. Standards Interfaces, 31(6), 1118–1123.

    Article  Google Scholar 

  15. Lee, C.-C., Lin, T.-H., & Chang, R.-X. (2011). A secure dynamic ID based remote user authentication scheme for multi-server environment using smart cards. Expert Syst. Appl., 38(11), 13863–13870.

    Google Scholar 

  16. Debiao, H., Jianhua, C., & Rui, Z. (2012). A more secure authenticatio, n scheme for telecare medicine information systems. J. Med. Syst., 36(3), 1989–1995.

    Article  Google Scholar 

  17. Lee, C.-C., & Hsu, C.-W. (2013). A secure biometric-based remote user authentication with key agreement scheme using extended chaotic maps. Nonlinear Dyn., 71(1–2), 201–211.

    Article  MathSciNet  Google Scholar 

  18. Li, X., Ma, J., Wang, W., Xiong, Y., & Zhang, J. (2013). A novel smart card and dynamic ID based remote user authentication scheme for multi-server environments. Math. Comput. Modell., 58(1–2), 85–95.

    Article  Google Scholar 

  19. Chuang, M.-C., & Chen, M. C. (2014). An anonymous multi-server authenticated key agreement scheme based on trust computing using smart cards and biometrics. Expert Syst. Appl., 41(4), 1411–1418.

    Article  Google Scholar 

  20. Mishra, D., Kumar, A., & Mukhopadhyay, S. (2014). A secure user anonymity-preserving biometric-based multi-server authenticated key agreement scheme using smart cards. Expert Syst. Appl., 41(18), 8129–8143.

    Article  Google Scholar 

  21. He, D., & Wang, D. (2014). Robust biometrics-based authentication scheme for multiserver environment. IEEE Syst. J., 9(3), 816–823.

    Article  Google Scholar 

  22. He, D., & Wang, D. (2015). Robust biometrics-based authentication scheme for multiserver environment. IEEE Syst. J., 9(3), 816–823.

    Article  Google Scholar 

  23. Odelu, V., & Das, A. K. (2015). A secure biometrics-based multi-server authentication protocol using smart cards. IEEE Trans. Inf. Forens. Secur., 10(9), 1953–1966.

    Article  Google Scholar 

  24. Lu, Y., Li, L., Peng, H., & Yang, Y. (2015). A biometrics and smart cards-based authentication scheme for multi-server environments. Secur. Commun. Netw., 8(17), 3219–3228.

    Article  Google Scholar 

  25. Lee, T.-F. (2015). Provably secure anonymous single-sign-on authentication mechanisms using extended Chebyshev chaotic maps for distributed computer networks. IEEE Syst. J., 12(2), 1499–1505.

    Article  Google Scholar 

  26. Das, A. K. (2015). A secure user anonymity-preserving three-factor remote user authentication scheme for the telecare medicine information systems. J. Med. Syt., 39(3), 30.

    Article  Google Scholar 

  27. Giri, D., Tanmoy, M., Ruhul, A., & Srivastava, P. D. (2015). An efficient and robust rsa-based remote user authentication for telecare medical information systems. J. Med. Syst., 39(1), 145.

    Article  Google Scholar 

  28. Saevanee, H., Clarke, N., Furnell, S., & Biscione, V. (2015). Continuous user authentication using multi-modal biometrics. Comput. Secur., 53, 234–246.

    Article  Google Scholar 

  29. Li, X., Niu, J., Kumari, S., Islam, S. K. H., Wu, F., Khan, M. K., & Das, A. K. (2016). A novel chaotic maps-based user authentication and key agreement protocol for multi-server environments with provable security. Wirel. Pers. Commun., 89(2), 569–597.

    Article  Google Scholar 

  30. Moon, J., Choi, Y., Kim, J., & Won, D. (2016). An improvement of robust and efficient biometrics based password authentication scheme for telecare medicine information systems using extended chaotic maps. J. Med. Syst., 40(3), 70.

    Article  Google Scholar 

  31. Jagadiswary, D., & Saraswady, D. (2016). Biometric authentication using fused multimodal biometric. Procedia Comput. Sci., 85, 109–116.

    Article  Google Scholar 

  32. Truong, T.-T., Tran, M.-T., Duong, A.-D., & Echizen, I. (2017). Provable identity based user authentication scheme on ECC in multi-server environment. Wirel. Pers. Commun., 95(3), 2785–2801.

    Article  Google Scholar 

  33. Chandrakar, P., & Om, H. (2017). Cryptanalysis and extended three-factor remote user authentication scheme in multi-server environment. Arabian J. Sci. Eng., 42(2), 765–786.

    Article  Google Scholar 

  34. Irshad, A., Chaudhry, S. A., Kumari, S., Usman, M., Mahmood, K., & Faisal, M. S. (2017). An improved lightweight multiserver authentication scheme. International Journal of Communication Systems, 30(17).

    Article  Google Scholar 

  35. Chaudhry, S. A., Naqvi, H., Mahmood, K., Ahmad, H. F., & Khan, M. K. (2017). An improved remote user authentication scheme using elliptic curve cryptography. Wirel. Pers. Commun., 96(4), 5355–5373.

    Article  Google Scholar 

  36. Chen, C.-L., Deng, Y.-Y., Tang, Y.-W., Chen, J.-H., & Lin, Y.-F. (2018). An Improvement on Remote User Authentication Schemes Using Smart Cards. Computers, 7(1), 9.

    Article  Google Scholar 

  37. Shingala, M., Patel, C., & Doshi, N. (2018). An improve three factor remote user authentication scheme using smart card. Wirel. Pers. Commun., 99(1), 227–251.

    Article  Google Scholar 

  38. Roy, S., Chatterjee, S., & Mahapatra, G. (2018). An efficient biometric based remote user authentication scheme for secure internet of things environment. J. Intell. Fuzzy Syst., 34(3), 1403–1410.

    Article  Google Scholar 

  39. Chandrakar, P., & Om, H. (2018). An efficient two-factor remote user authentication and session key agreement scheme using rabin cryptosystem. Arabian J. Sci. Eng., 43(2), 661–673.

    Article  Google Scholar 

  40. Li, X., Niu, J., Kumari, S., Wu, F., & Choo. , K. K. K. R. (2018). A robust biometrics based three-factor authentication scheme for global mobility networks in smart city. Future Gener. Comput. Syst., 83, 607–618.

    Article  Google Scholar 

  41. Jiang, Q., Chen, Z., Li, B., Shen, J., Yang, L., & Ma, J. (2018). Security analysis and improvement of bio-hashing based three-factor authentication scheme for telecare medical information systems. J. Ambient Intell. Human. Comput., 9(4), 1061–1073.

    Article  Google Scholar 

  42. Chaudhry, S. A., Naqvi, H., Farash, M. S., Shon, T., & Sher, M. (2018). An improved and robust biometrics-based three factor authentication scheme for multiserver environments. J. Supercomput., 74(8), 3504–3520.

    Article  Google Scholar 

  43. Zhao, Y., Li, S., & Jiang, L. (2018). Secure and efficient user authentication scheme based on password and smart card for multiserver environment. Secur. Commun. Netw.https://doi.org/10.1155/2018/9178941.

    Article  Google Scholar 

  44. Kumari, S., Das, A. K., Li, X., Wu, F., Khan, M. K., et al. (2018). A provably secure biometrics-based authenticated key agreement scheme for multi-server environments. Multimed. Tools Appl., 77(2), 2359–2389.

    Article  Google Scholar 

  45. Irshad, A., Sher, M., Chaudhry, S. A., Xie, Q., Kumari, S., & Fan, W. (2018). An improved and secure chaotic map based authenticated key agreement in multi-server architecture. Multimed. Tools Appl., 77(1), 1167–1204.

    Article  Google Scholar 

  46. Li, X., Niu, J., Kumari, S., Wu, F., Sangaiah, A. K., & Choo, K. K. K. R. (2018). A three-factor anonymous authentication scheme for wireless sensor networks in internet of things environments. J. Netw. Comput. Appl., 103, 194–204.

    Article  Google Scholar 

  47. Mahmood, K., Chaudhry, S. A., Naqvi, H., Kumari, S., Li, X., & Sangaiah, A. K. (2018). An elliptic curve cryptography based lightweight authentication scheme for smart grid communication. Future Gener. Comput. Syst., 81, 557–565.

    Article  Google Scholar 

  48. Kumari, S., Karuppiah, M., Das, A. K., Li, X., Wu, F., & Gupta, V. (2018). Design of a secure anonymity-preserving authentication scheme for session initiation protocol using elliptic curve cryptography. J. Ambient Intell. Human. Comput., 9(3), 643–653.

    Article  Google Scholar 

  49. Li, X., Wu, F., Khan, M. K., Xu, L., Shen, J., & Jo, M. (2018). A secure chaotic map-based remote authentication scheme for telecare medicine information systems. Future Gener. Comput. Syst., 84, 149–159.

    Article  Google Scholar 

  50. Abozaid, A., Haggag, A., Kasban, H., & Eltokhy, M. (2018). Multimodal biometric scheme for human authentication technique based on voice and face recognition fusion. Multimed. Tools Appl., 78(12), 16345–16361.

    Article  Google Scholar 

  51. Karuppiah, M., Das, A. K., Li, X., Wu, F., Chaudhry, S. A., Niranchana, R., & Kumari, S. (2019). Secure remote user mutual authentication scheme with key agreement for cloud environment. Mob. Netw. Appl., 24(3), 1046–1062.

    Article  Google Scholar 

  52. Adeli, M., Bagheri, N., & Meimani, H. R. (2020). On the designing a secure biometric-based remote patient authentication scheme for mobile healthcare environments. J. Ambient Intell. Human. Comput., 12, 1–15.

    Google Scholar 

  53. Sengupta, S. (2020). A secured biometric-based authentication scheme in IoT-based patient monitoring system. Emerging Technology in Modelling and Graphics (pp. 501–518). Singapore: Springer.

    Chapter  Google Scholar 

  54. Tian, Y., Li, Y., Sengupta, B., Li, N., & Su, C. (2020). Leakage-resilient biometric-based remote user authentication with fuzzy extractors. Theoretical Computer ScienceTheoretical Computer ScienceTheoretical Computer ScienceTheor. Comput. Sci., 814, 223–233.

    MathSciNet  MATH  Google Scholar 

  55. Bera, B., Das, A. K., Balzano, W., & Medaglia, , C. M. (2020). Carlo Maria On the design of biometric-based user authentication protocol in smart city environment. Pattern Recogn. Lett., 138, 439–446.

    Article  Google Scholar 

  56. Wu, T.-Y., Yang, L., Lee, Z., Chen, C.-M., Pan, J.-S., & Islam, , S. K. (2021). SK Improved ECC-based three-factor multiserver authentication scheme. Secur. Commun. Netw., 2021, 1–14.

    Google Scholar 

  57. Kumar, A., & Om, H. (2021). Analysis and Enhancement of Biometric-Based Multi-Server Authentication Scheme Using Chebyshev Chaotic Map. In: Proceedings of the Fourth International Conference on Microelectronics, Computing and Communication Systems, (pp. 921–929). Singapore, Springer

Download references

Author information

Authors and Affiliations

  1. Department of Information Technology, Indian Institute of Engineering Science and Technology, Shibpur, India

    Shyamalendu Kandar & Sumit Pal

  2. Department of Information Technology, Jadavpur University, Saltlake Campus, Kolkata, India

    Bibhas Chandra Dhara

Authors
  1. Shyamalendu Kandar
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sumit Pal
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Bibhas Chandra Dhara
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Shyamalendu Kandar.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Kandar, S., Pal, S. & Dhara, B.C. A Biometric based Remote User Authentication Technique Using Smart Card in Multi-Server Environment. Wireless Pers Commun 120, 1003–1026 (2021). https://doi.org/10.1007/s11277-021-08501-4

Download citation

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-021-08501-4

Keywords

Search

Navigation