In 1981, Lamport proposed a password authentication scheme to provide authentication between single user and single remote server. In a smart card based password authentication scheme, the smart card takes password as input, makes a login message and sends it to the server. Many smart card based password authentication schemes with a single server have already been constructed. However it is impossible to apply the authentication methods in single server environment to multi-server environment. Therefore, some smart card based password authentication schemes for the multi-server environment are proposed. In 2010, Yoon et al. proposed a robust biometrics-based multi-server authentication with key agreement scheme for smart cards on elliptic curve cryptosystem. In this paper, however, we show that scheme of Yoon et al. is vulnerable to off-line password guessing attack and propose an improved scheme to prevent the attack. © 2012 Springer-Verlag.
CITATION STYLE
Kim, H., Jeon, W., Lee, K., Lee, Y., & Won, D. (2012). Cryptanalysis and improvement of a biometrics-based multi-server authentication with key agreement scheme. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 7335 LNCS, pp. 391–406). https://doi.org/10.1007/978-3-642-31137-6_30
Mendeley helps you to discover research relevant for your work.