Remote three-factor authentication scheme based on Fuzzy extractors

Authors

  • Min Zhang,

    Corresponding author
    1. Sichuan Province Key Lab of Signal and Information Processing, Southwest JiaoTong University, Chengdu, Sichuan, China
    2. School of Foreign languages, Southwest University for Nationalities, Chengdu, Sichuan, China
    • Correspondence: Min Zhang, Sichuan Province Key Lab of Signal and Information Processing, Southwest JiaoTong University, Chengdu, Sichuan 610031 China,

      E-mail: cdcszhangmin@gmail.com

    Search for more papers by this author
  • Jiashu Zhang,

    1. Sichuan Province Key Lab of Signal and Information Processing, Southwest JiaoTong University, Chengdu, Sichuan, China
    Search for more papers by this author
  • Ying Zhang

    1. Sichuan Province Key Lab of Signal and Information Processing, Southwest JiaoTong University, Chengdu, Sichuan, China
    Search for more papers by this author

Abstract

In order to provide high-security remote authentication, the three-factor authentication scheme combining biometric with smart card and password has been proposed. With a careful review of the recently proposed Lee–Hsu's scheme, this paper points out some design flaws in it. In order to withstand them, a new scheme based on Fuzzy extractors is proposed. With a detail analysis, this paper demonstrates that the proposed scheme is more practical and reasonable. It also has higher security and deals with biometric more appropriately in spite of higher computation cost at client than Lee–Hsu's scheme. Furthermore, an access control method has been introduced in it for the purpose of making different users enjoy different access privileges with regard to the data. What is more, the proposed scheme can also achieve key agreement. Copyright © 2014 John Wiley & Sons, Ltd.

Ancillary