Paper 2011/365

Security flaws in a biometrics-based multi-server authentication with key agreement scheme

Debiao He

Abstract

Recently, Yoon et al. proposed an efficient biometrics-based multi-server authentication with key agreement scheme for smart cards on elliptic curve cryptosystem (ECC) for multi-server communication environments [E.-J. Yoon, K.-Y. Yoo(2011) Robust biometrics-based multi-server authentication with key agreement scheme for smart cards on elliptic curve cryptosystem, Journal of Supercomputing, DOI: 10.1007/s11227-010-0512-1]. They claimed their scheme could withstand various attacks. In the letter, we will show Yoon et al.’s scheme is vulnerable to the privileged insider attack, the masquerade attack and the smart cart lost attack.

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. The paper has not been published.
Keywords
AuthenticationKey agreementMasquerade attackPrivileged insider attackElliptic curve cryptosystemSmart card
Contact author(s)
hedebiao @ 163 com
History
2011-07-11: last of 2 revisions
2011-07-10: received
See all versions
Short URL
https://ia.cr/2011/365
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2011/365,
      author = {Debiao He},
      title = {Security flaws in a biometrics-based multi-server authentication with key agreement scheme},
      howpublished = {Cryptology ePrint Archive, Paper 2011/365},
      year = {2011},
      note = {\url{https://eprint.iacr.org/2011/365}},
      url = {https://eprint.iacr.org/2011/365}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.