Fingerprint Biometric-based Self-Authentication and Deniable Authentication Schemes for the Electronic World

摘要

This paper presents fingerprint biometric-based self-authentication and deniable authentication schemes, which enable a receiver to identify source of the message but not to prove the identity of the sender to a third party. At first, we identify the security flaws of some recently proposed deniable authentication schemes by three application scenarios, and prove that those schemes are vulnerable to impersonation and eavesdropping attacks. For remedy, we propose two-factor-based self-authentication and deniable authentication schemes in which, firstly, each user has to perform self-authentication by something he knows (password) and something he is (biometrics), and then he can accomplish the transaction, e.g., e-commerce. Security analysis shows that the proposed schemes can overcome the security pitfalls of the previous schemes and are secure, reliable and practicable with high potential to be used in the electronic world.