1,611 research outputs found
Enhanced Biometrics-based Remote User Authentication Scheme Using Smart Cards
Authentication and key exchange are fundamental techniques for
enabling secure communication over mobile networks. In order to
reduce implementation complexity and achieve computation
efficiency, design issues for efficient and secure
biometrics-based remote user authentication scheme have been
extensively investigated by research community in these years.
Recently, two well-designed biometrics-based authentication
schemes using smart cards are introduced by Li and Hwang and Li et
al., respectively. Li and Hwang proposed an efficient
biometrics-based remote user authentication scheme using smart
card and Li et al. proposed an improvement. The authors of both
schemes claimed that their protocol delivers important security
features and system functionalities, such as without synchronized
clock, freely changes password, mutual authentication, as well as
low computation costs. However, these two schemes still have much
space for security enhancement. In this paper, we first
demonstrate a series of vulnerabilities on these two schemes.
Then, an enhanced scheme with corresponding remedies is proposed
to eliminate all identified security flaws in both schemes
Biometric identity-based cryptography for e-Government environment
Government information is a vital asset that must be kept in a trusted environment and efficiently managed by authorised parties. Even though e-Government provides a number of advantages, it also introduces a range of new security risks. Sharing confidential and top-secret information in a secure manner among government sectors tend to be the main element that government agencies look for. Thus, developing an effective methodology is essential and it is a key factor for e-Government success. The proposed e-Government scheme in this paper is a combination of identity-based encryption and biometric technology. This new scheme can effectively improve the security in authentication systems, which provides a reliable identity with a high degree of assurance. In addition, this paper demonstrates the feasibility of using Finite-state machines as a formal method to analyse the proposed protocols
Modelling and simulation of a biometric identity-based cryptography
Government information is a vital asset that must be kept in a trusted environment and efficiently managed by authorised parties. Even though e-Government provides a number of advantages, it also introduces a range of new security risks. Sharing confidential and top-secret information in a secure manner among government sectors tend to be the main element that government agencies look for. Thus, developing an effective methodology is essential and it is a key factor for e-Government success. The proposed e-Government scheme in this paper is a combination of identity-based encryption and biometric technology. This new scheme can effectively improve the security in authentication systems, which provides a reliable identity with a high degree of assurance. In addition, this paper demonstrates the feasibility of using Finite-state machines as a formal method to analyse the proposed protocols
CALIPER: Continuous Authentication Layered with Integrated PKI Encoding Recognition
Architectures relying on continuous authentication require a secure way to
challenge the user's identity without trusting that the Continuous
Authentication Subsystem (CAS) has not been compromised, i.e., that the
response to the layer which manages service/application access is not fake. In
this paper, we introduce the CALIPER protocol, in which a separate Continuous
Access Verification Entity (CAVE) directly challenges the user's identity in a
continuous authentication regime. Instead of simply returning authentication
probabilities or confidence scores, CALIPER's CAS uses live hard and soft
biometric samples from the user to extract a cryptographic private key embedded
in a challenge posed by the CAVE. The CAS then uses this key to sign a response
to the CAVE. CALIPER supports multiple modalities, key lengths, and security
levels and can be applied in two scenarios: One where the CAS must authenticate
its user to a CAVE running on a remote server (device-server) for access to
remote application data, and another where the CAS must authenticate its user
to a locally running trusted computing module (TCM) for access to local
application data (device-TCM). We further demonstrate that CALIPER can leverage
device hardware resources to enable privacy and security even when the device's
kernel is compromised, and we show how this authentication protocol can even be
expanded to obfuscate direct kernel object manipulation (DKOM) malwares.Comment: Accepted to CVPR 2016 Biometrics Worksho
- …