An anonymous multi-server authenticated key agreement scheme based on trust computing using smart cards and biometrics

https://doi.org/10.1016/j.eswa.2013.08.040

Highlights

  • We propose an anonymous multi-server authenticated key agreement scheme.

  • Our scheme is a three-factor authentication scheme.

  • Our scheme is a lightweight authentication scheme that uses only a hash function.

  • The proposed scheme can resist many kinds of attacks.

Abstract

Password-based remote user authentication schemes have been widely investigated, and recent research increasingly combines a user’s biometrics with a password to design remote user authentication schemes that enhance the level of security. However, these authentication schemes are designed for a single server environment, so users need to register many times when they want to access different application servers. To solve this problem, in this paper we propose an anonymous multi-server authenticated key agreement scheme based on trust computing using smart cards, a password, and biometrics. Our scheme not only supports multi-server environments but also achieves many security requirements. In addition, our scheme is a lightweight authentication scheme which uses only a nonce and a hash function. The subsequent analysis shows that the proposed scheme resists several kinds of attacks and has more security properties than other comparable schemes.

Introduction

In recent years, wireless communications and network technologies have undergone rapid development (Dondi et al., 2008, Gil-Castineira et al., 2008, Hwang et al., 2007, Lazar and Carari, 2008, Liu et al., 2007, Marino et al., 2009), and many people now use mobile devices (e.g., PDAs, mobile phones, and notebooks) at anytime and from anywhere to access all kinds of application services from the Internet, such as network attached storage (NAS), Web-browsing, VoIP, video conferencing, and multimedia applications.

However, this mobile computing situation calls for an authentication mechanism to protect the valid user from attacks. The smart card based remote user authentication scheme is one of the simplest and most convenient authentication mechanisms for insecure networks. Lamport (1981) first introduced a password authentication scheme for communication through insecure channels, where the server has to maintain a password table. However, this scheme cannot prevent a stolen-verifier attack. Although many later papers (Fan et al., 2005, Juang et al., 2008, Sun et al., 2009) proposed improved password-based authentication schemes for resisting such attacks, password-based remote user authentication schemes are unfortunately still easily broken by simple dictionary attacks because of the password’s low entropy. Therefore, more and more research (Chang and Lin, 2004, Fan and Lin, 2009, Khan and Zhang, 2006, Khan et al., 2008, Ku et al., 2005, Lee et al., 2002, Li and Hwang, 2010, Lin and Lai, 2004, Mitchell and Tang, 2005, Xu et al., 2008) has combined a user’s biometrics (e.g., fingerprints, irises, and hand geometry) with a password and a smart card to design a remote user authentication scheme that enhances the level of security (i.e., yields a secret key of high entropy; Fan and Lin, 2009). Lee et al. (2002) put forward a fingerprint-based remote user authentication scheme using smart cards in 2002, but a number of studies (Chang and Lin, 2004, Ku et al., 2005, Lin and Lai, 2004) thereafter pointed out that this scheme cannot resist masquerade attacks and server spoofing attacks. Lin and Lai (2004) thus combined the password and fingerprint minutiae templates into a super password and provided an off-line password change scheme, but Mitchell and Tang (2005) observed that the password change process is vulnerable because the smart card does not have enough information to check the correctness of the old password.
Fan and Lin (2009) then suggested a three-factor authentication scheme which combines biometrics with a password and a smart card to provide high-security remote authentication, and they proved the security of their scheme. Khan and Zhang (2006) proposed an improved scheme to enhance the security, but it turned out to be susceptible to a parallel session attack (Khan et al., 2008, Xu et al., 2008), in which an adversary who does not know a legal user’s password can impersonate the user by crafting a valid login message from eavesdropped communications between the user and the server. Although Li and Hwang’s (2010) biometric-based remote user authentication scheme using smart cards is efficient, it, like the other biometrics-based schemes (Chang and Lin, 2004, Fan and Lin, 2009, Khan and Zhang, 2006, Khan et al., 2008, Ku et al., 2005, Lee et al., 2002, Li and Hwang, 2010, Lin and Lai, 2004, Mitchell and Tang, 2005, Xu et al., 2008), only supports a single server environment, which is a limitation given the many kinds of application servers on the Internet. Fig. 1 shows a user accessing multiple application servers at the same time. If the authentication scheme does not take the multi-server environment into account, the user must perform the registration procedure many times, which results in a high overhead at the registration center (RC) and on the network. Some research (Chang and Lee, 2004, Juang, 2004, Liao and Wang, 2009, Tsai, 2008) has supported multi-server environments, but because these schemes were based only on smart cards and passwords, the authentication system was insecure once both the user’s smart card and password were stolen; moreover, the schemes (Chang and Lee, 2004, Juang, 2004, Tsai, 2008) did not provide anonymous authentication. More recently, Yang and Yang (2010) and Yoon and Yoo (2010) introduced biometric-based multi-server authentication schemes, but they still did not consider user anonymity.
Further, Yang and Yang’s scheme (Yang & Yang, 2010) needs to perform exponentiation operations, which entail a high computational cost, while Yoon and Yoo’s scheme (Yoon & Yoo, 2010) was shown by He (2011) to be vulnerable to privileged insider attacks, masquerade attacks and lost smart card attacks.

In this paper, we propose an anonymous multi-server authenticated key agreement scheme based on trust computing using smart cards, a password, and biometrics. Our scheme is not only a lightweight authentication scheme which uses only a nonce and a hash function but also satisfies all of the following security properties: anonymity, absence of verification tables, mutual authentication, resistance to forgery attacks, absence of clock synchronization problems, resistance to modification attacks, resistance to replay attacks, fast error detection, resistance to off-line guessing attacks, resistance to insider attacks, simple and secure password choice and modification, biometric template protection, and session key agreement.

The remainder of this paper is organized as follows. Section 2 introduces some preliminaries. In Section 3, we describe the proposed scheme in detail, and the analyses of security and computation cost, together with comparisons with other schemes, are presented in Section 4. Finally, we summarize our conclusions in Section 5.

Section snippets

Preliminaries

This section describes the common user requirements, the security requirements of the system, the advantage of using biometrics, and the feature of the hash function.

Proposed scheme

This section describes the proposed anonymous multi-server authenticated key agreement scheme which involves five procedures: server registration, user registration, login, authentication, and change password. All notations are summarized in Table 1.

Security analysis

We follow the same analysis approach as (Lin and Lai, 2004, Chang and Lee, 2004, Juang, 2004, Khan et al., 2008, Li and Hwang, 2010, Liao and Wang, 2009, Crypto++ Library, 2013, Tsai, 2008, Xu et al., 2008, Yang and Yang, 2010, Yoon and Yoo, 2010) to present the security analysis.

  • (1) Anonymity: Under the proposed scheme, the original identity of a user is always converted into an alias that is based on a random number (i.e., AIDi = h(N1) ⊕ IDi). Therefore, an adversary cannot determine the original identity of the
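As an added illustration of this alias construction (not the paper's code), the following Python instantiates h(.) as SHA-256 and encodes IDi as a fixed 32-byte field (both assumptions, since the snippet fixes neither), recovers IDi when N1 is known, and shows the property a reviewer would check: two aliases that reuse the same N1 XOR to IDi ⊕ IDj, which links the sessions, whereas fresh nonces leave the eavesdropper with noise.

```python
import hashlib
import secrets

# Added illustration of the alias AIDi = h(N1) XOR IDi from the anonymity
# property; it is not the paper's code. Assumptions: h(.) is SHA-256 and
# IDi is encoded as a fixed 32-byte field (the snippet fixes neither).
ID_LEN = 32  # bytes; equals the SHA-256 digest length so the mask covers IDi


def h(data: bytes) -> bytes:
    """The scheme's one-way hash function h(.), instantiated as SHA-256."""
    return hashlib.sha256(data).digest()


def fresh_nonce() -> bytes:
    """A fresh random nonce N1, generated anew for every login request."""
    return secrets.token_bytes(16)


def encode_id(identity: str) -> bytes:
    """Fixed-width encoding of IDi so it is exactly as long as h(N1)."""
    raw = identity.encode()
    if len(raw) > ID_LEN:
        raise ValueError("identity longer than the hash mask")
    return raw.ljust(ID_LEN, b"\x00")


def xor(a: bytes, b: bytes) -> bytes:
    """Bytewise XOR of two equal-length byte strings."""
    return bytes(x ^ y for x, y in zip(a, b))


def make_alias(identity: str, n1: bytes) -> bytes:
    """User side: AIDi = h(N1) XOR IDi; only this alias travels in the clear."""
    return xor(h(n1), encode_id(identity))


def recover_identity(alias: bytes, n1: bytes) -> str:
    """Verifier side: a party that learns N1 undoes the mask, IDi = AIDi XOR h(N1).
    Without N1 the alias is a one-time pad over IDi and reveals nothing about it."""
    return xor(alias, h(n1)).rstrip(b"\x00").decode()


def alias_difference(alias_a: bytes, alias_b: bytes) -> bytes:
    """What an eavesdropper can compute from two observed aliases.
    If both were built with the same N1 the masks cancel and the result is
    IDi XOR IDj, which links the two sessions; with fresh nonces it is noise."""
    return xor(alias_a, alias_b)
```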

Conclusions and future work

In this paper, we propose a secure remote user authentication scheme which not only supports the multi-server environment to reduce the overhead of the RC but also possesses high security properties to protect the valid user against attacks with minimal computational cost. Our scheme is suitable for real-life applications because it is a true lightweight authentication scheme that only uses the hash function. Moreover, our scheme satisfies the following security properties: anonymity, no

References (50)

  • J.L. Tsai, Efficient multi-server authentication scheme based on one-way hash function without verification table, Computers & Security (2008)
  • Neil Yager et al., Fingerprint alignment using a two stage optimization, Pattern Recognition Letters (2006)
  • Neil Yager et al., Dynamic registration selection for fingerprint verification, Pattern Recognition (2006)
  • En. Zhu et al., Fingerprint matching based on global alignment of multiple reference minutiae, Pattern Recognition (2005)
  • C.C. Chang et al., Remarks on fingerprint-based remote user authentication scheme using smart cards, ACM SIGOPS Operating Systems Review (2004)
  • C.C. Chang & J.S. Lee, An efficient and secure multi-server password authentication scheme using smart... (2004)
  • Ming-Chin Chuang & Jeng-Farn Lee, TEAM: Trust-extended authentication mechanism for vehicular ad hoc... (2013)
  • Ming-Chin Chuang et al., SF-PMIPv6: A secure fast handover mechanism for proxy mobile IPv6 networks, Journal of Systems and Software (2012)
  • Ming-Chin Chuang et al., SPAM: A secure password authentication mechanism for seamless handover in proxy mobile IPv6 networks, IEEE Systems Journal (2013)
  • Crypto++ Library 5.6.1 (2013). Available at:...
  • D. Dondi et al., Modeling and optimization of a solar energy harvester system for self-powered wireless sensor networks, IEEE Transactions on Industrial Electronics (2008)
  • Chun-I Fan et al., Provably secure remote truly three-factor authentication scheme with privacy protection on biometrics, IEEE Transactions on Information Forensics and Security (2009)
  • F. Gil-Castineira et al., Extending vehicular CAN fieldbuses with delay-tolerant networks, IEEE Transactions on Industrial Electronics (2008)
  • Debiao He, Security flaws in a biometrics-based multi-server authentication with key agreement scheme, In IACR... (2011)
  • C.L. Hwang et al., Network-based fuzzy decentralized sliding-mode control for car-like mobile robots, IEEE Transactions on Industrial Electronics (2007)