With the advance of smart card technology and the growing demand for secure applications in the community, many researches are being done on smart-card based systems from in-house applications to Internet-based applications. In this paper, we propose a comprehensive smart-card based authentication protocol and a secret key distribution scheme with failure handling. Compared with other similar protocols, our protocol can be embedded in the biometric-based local authentication system. Also, it can resist replaying attacks, perform mutual authentication, handle the smart card and the server failures properly without retaining the deficiency of those protocols.
展开▼