CFP last date
20 March 2024
Reseach Article

A Novel Secure Remote User Authentication Protocol using Three Factors

by Yogita Borse, Irfan Siddavatam
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 87 - Number 17
Year of Publication: 2014
Authors: Yogita Borse, Irfan Siddavatam
10.5120/15297-3985

Yogita Borse, Irfan Siddavatam . A Novel Secure Remote User Authentication Protocol using Three Factors. International Journal of Computer Applications. 87, 17 ( February 2014), 1-6. DOI=10.5120/15297-3985

@article{ 10.5120/15297-3985,
author = { Yogita Borse, Irfan Siddavatam },
title = { A Novel Secure Remote User Authentication Protocol using Three Factors },
journal = { International Journal of Computer Applications },
issue_date = { February 2014 },
volume = { 87 },
number = { 17 },
month = { February },
year = { 2014 },
issn = { 0975-8887 },
pages = { 1-6 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume87/number17/15297-3985/ },
doi = { 10.5120/15297-3985 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T22:06:08.482042+05:30
%A Yogita Borse
%A Irfan Siddavatam
%T A Novel Secure Remote User Authentication Protocol using Three Factors
%J International Journal of Computer Applications
%@ 0975-8887
%V 87
%N 17
%P 1-6
%D 2014
%I Foundation of Computer Science (FCS), NY, USA
Abstract

According to the recent work done in the area of remote user authentication, biometrics based password authentication using smart card is the most interesting and upcoming technology. Many protocols has been designed aiming to combine three authentication factors efficiently in order secure the process of remote user authentication, but failed to do so. One of the many possible reasons is biometrics comparison. Basically, biometric is used to uniquely identify the user. It has been observed that, the biometrics comparison during the verification is done using its hash value, which is infeasible due to it's avalanch effect property. Moreover, impersonation, server spoofing, man-in-the-middle, denial-of-service etc attacks needs to handle properly to guarantee the security of the protocol. The main objective of this paper is to focus on biometrics comparison and making the protocol immune to above mentioned attacks.

References
  1. Leslie Lamport. Password authentication with insecure communication. Commun. ACM, 24(11):770–772, November 1981.
  2. Min-Shiang Hwang and Li-Hua Li. A new remote user authentication scheme using smart cards. Consumer Electronics, IEEE Transactions on, 46(1):28–30, 2000.
  3. M. K. Khan. Cryptanalysis and security enhancement of two password authentication schemes with smart cards. In Multitopic Conference, 2007. INMIC 2007. IEEE International, pages 1–4, 2007.
  4. Seung Wook Jung and Souhwan Jung. Secure password authentication for distributed computing. In Computational Intelligence and Security, 2006 International Conference on, volume 2, pages 1345–1350, 2006.
  5. Chun-Ta Li and Min-Shiang Hwang. An efficient biometrics-based remote user authentication scheme using smart cards. J. Netw. Comput. Appl. , 33(1):1–5, January 2010.
  6. Narn-Yih Lee and Yu-Chung Chiu. Improved remote authentication scheme with smart card. Computer Standards & Interfaces, 27(2):177–180, 2005.
  7. Jing Xu, Wen-Tao Zhu, and Deng-Guo Feng. An improved smart card based password authentication scheme with provable security. Comput. Stand. Interfaces, 31(4):723–728, June 2009.
  8. Ronggong Song. Advanced smart card based password authentication protocol. Comput. Stand. Interfaces, 32(5-6):321–325, October 2010.
  9. J. K. Lee, S. R. Ryu, and K. Y. Yoo. Fingerprint-based remote user authentication scheme using smart cards. Electronics Letters, 38(12):554–555, 2002.
  10. Chu-Hsing Lin and Yi-Yi Lai. A flexible biometrics remote user authentication scheme. Computer Standards & Interfaces, 27(1):19–23, 2004.
  11. Muhammad Khurram Khan and Jiashu Zhang. Improving the security of 'a flexible biometrics remote user authentication scheme'. Computer Standards and Interfaces, pages 82–85, 2007.
  12. Ou Qingyu, Huang Kai, and Li Guang. Cryptanalysis and improvement of a remote user authentication scheme. In Intelligent Computation Technology and Automation, 2009. ICICTA '09. Second International Conference on, volume 4, pages 49–52, 2009.
  13. Ronggong Song. Advanced smart card based password authentication protocol. Comput. Stand. Interfaces, 32(5-6):321–325, October 2010.
  14. R. Martinez-Pelaez, F. Rico-Novella, C. Satizabal, and J. Pomykala. Improvement of the dynamic id-based remote user authentication scheme. In Information Society (i-Society), 2010 International Conference on, pages 168–172, 2010.
  15. M. L. Das, A. Saxena, and V. P. Gulati. A dynamic id-based remote user authentication scheme. Consumer Electronics, IEEE Transactions on, 50(2):629–631, 2004.
  16. Yogita Borse and Irfan Siddavatam. Article: Mitigating vulnerabilities in 3-factor based authentication. International Journal of Computer Applications, 76(10):19–23, August 2013. Published by Foundation of Computer Science, New York, USA.
  17. Ding Wang and Chunguang Ma. Robust smart card based password authentication scheme against smart card loss problem. IACR Cryptology ePrint Archive, page 439. informal publication.
  18. Paul C. Kocher, Joshua Jaffe, and Benjamin Jun. Differential power analysis. In Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology, CRYPTO '99, pages 388–397, London, UK, UK, 1999. Springer-Verlag.
  19. Thomas S. Messerges, Ezzat A. Dabbish, and Robert H. Sloan. Examining smart-card security under the threat of power analysis attacks. IEEE Trans. Comput. , 51(5):541–552, May 2002.
  20. S. S. Sonwanshi, R. R. Ahirwal, and Y. K. Jain. An efficient smart card based remote user authentication scheme using hash function. In Electrical, Electronics and Computer Science (SCEECS), 2012 IEEE Students' Conference on, pages 1–4, 2012.
Index Terms

Computer Science
Information Sciences

Keywords

Remote users Authentication Passwords Biometrics Smart Cards Three factor Authentication.