• May 03, 2016 News! IJIET Vol. 5, No. 10 has been indexed by EI (Inspec).   [Click]
  • Mar 13, 2017 News!Vol. 7, No. 5 has been indexed by Crossref.
  • Mar 10, 2017 News!Vol. 7, No. 5 issue has been published online!   [Click]
General Information
    • ISSN: 2010-3689
    • Frequency: Bimonthly (2011-2014); Monthly (Since 2015)
    • DOI: 10.18178/IJIET
    • Editor-in-Chief: Prof. Dr. Steve Thatcher
    • Executive Editor: Ms. Nancy Y. Liu
    • Abstracting/ Indexing: EI (INSPEC, IET), Electronic Journals Library, Google Scholar, Crossref and ProQuest
    • E-mail: ijiet@ejournal.net
Editor-in-chief
Prof. Dr. Steve Thatcher
University of South Australia, Australia
It is my honor to be the editor-in-chief of IJIET. The journal publishes good papers which focous on the advanced researches in the field of information and education technology. Hopefully, IJIET will become a recognized journal among the scholars in the filed of information and education technology.
IJIET 2015 Vol.5(7): 538-542 ISSN: 2010-3689
DOI: 10.7763/IJIET.2015.V5.564

Cryptanalysis of Improved Biometric-Based User Authentication Scheme for C/S System

Younsung Choi, Donghoon Lee, Jiye Kim, Jaewook Jung, and Dongho Won
Abstract—Password-based authentication schemes are convenient, but vulnerable to simple dictionary attacks. Cryptographic secret keys are safe, but difficult to memorize. Recently, biometric information has been used for authentication schemes because it is difficult to copy, share, forge, and distribute. In 2011, Das proposed a biometric-based authentication scheme, but it has various vulnerabilities such as replay attack, denial-of-service attack, user impersonation attack, and password change problem. To solve these problem, Jiping et al. improved Das’s scheme, but some vulnerabilities have remained still. In this paper, we analyze the cryptanalysis of Jiping et al. authentication scheme. So this paper shows that Jiping et al.’s scheme is vulnerable against server masquerading attack and stolen smart card attack. And also we show the possibility of authentication without login phase in Jiping et al.’s authentication scheme.

Index Terms—User authentication, biometric-base scheme, client/server system, cryptanalysis on authentication scheme.

The authors are with the School of Information and Communication Engineering, Sungkyunkwan University, Korea (e-mail: yschoi@security.re.kr, dhlee@security.re.kr, jykim@security.re.kr, jwjung@security.re.kr, dhwon@security.re.kr).

[PDF]

Cite: Younsung Choi, Donghoon Lee, Jiye Kim, Jaewook Jung, and Dongho Won, "Cryptanalysis of Improved Biometric-Based User Authentication Scheme for C/S System," International Journal of Information and Education Technology vol. 5, no. 7, pp. 538-542, 2015.

Copyright © 2008-2016. International Journal of Information and Education Technology. All rights reserved.
E-mail: ijiet@ejournal.net