Title :
Further cryptanalysis of ‘A remote authentication scheme using mobile device’
Author :
Khan, Muhammad Khurram ; Kumari, Smriti ; Gupta, M.K.
Author_Institution :
Center of Excellence in Inf. Assurance, King Saud Univ., Riyadh, Saudi Arabia
Abstract :
In 2008, Khan et al. proposed a remote user authentication scheme on mobile device, using hash-function and fingerprint biometric. In 2010, Chen et al. discussed some security weaknesses of Khan et al.´s scheme and subsequently proposed an improved scheme. Recently, Truong et al. have demonstrated that in Chen et al.´s scheme, an adversary can successfully replay an intercepted login request. They also showed how an adversary can cheat both the legal participants, by taking advantage of the fact that the scheme does not provide anonymity to the user. In this paper, we show that Chen et al.´s scheme suffers from some additional drawbacks which were not presented by Truong et al. in its analysis.
Keywords :
cryptography; fingerprint identification; mobile handsets; fingerprint biometric; hash function; intercepted login request; legal participants; mobile device; remote user authentication scheme; security; Authentication; Cryptography; Fingerprint recognition; Mobile handsets; Servers; Smart cards; Mobile device; attacks; authentication; drawbacks; fingerprint;
Conference_Titel :
Computational Aspects of Social Networks (CASoN), 2012 Fourth International Conference on
Conference_Location :
Sao Carlos
Print_ISBN :
978-1-4673-4793-8
DOI :
10.1109/CASoN.2012.6412408
