• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文期刊>International Journal of Innovative Computing Information and Control >A ROBUST AND FLEXIBLE BIOMETRICS REMOTE USER AUTHENTICATION SCHEME
【24h】

A ROBUST AND FLEXIBLE BIOMETRICS REMOTE USER AUTHENTICATION SCHEME

机译:鲁棒,灵活的生物远程用户认证方案

获取原文
获取原文并翻译 | 示例
       
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

Biometric-based authentication systems are widely deployed for person identification. Recently, an improved scheme for flexible biometrics remote user authentication was proposed by Khan and Zhang. In this paper, we demonstrate that Khan-Zhang's scheme is still vulnerable to the following two attacks: (1) It is insecure to parallel session attack in which an adversary without knowing a legal user's password and biometrics information can masquerade as the legal user by somehow crafting a valid login message from eavesdropped communications between the user and the remote system; (2) It is insecure to privileged insider's attack since a legal user's password can be easily revealed to the insider attacker of the remote system. Moreover, we figure out how to eliminate the security vulnerabilities of Khan-Zhang's scheme. Compared with Khan-Zhang's scheme, the proposed scheme is more efficient and holds stronger security.
机译:基于生物特征的身份验证系统已广泛用于个人识别。最近,Khan和Zhang提出了一种改进的用于灵活的生物特征识别远程用户身份验证的方案。在本文中,我们证明了Khan-Zhang的方案仍然容易受到以下两种攻击的侵害:(1)对于并行会话攻击而言,这种攻击是不安全的,在这种攻击中,不知道合法用户密码和生物识别信息的攻击者会伪装成合法用户通过某种方式,通过用户与远程系统之间的窃听通信来设计有效的登录消息; (2)特权内部人的攻击是不安全的,因为合法用户的密码可以很容易地显示给远程系统的内部人攻击者。此外,我们研究了如何消除Khan-Zhang方案的安全漏洞。与Khan-Zhang的方案相比,该方案效率更高,安全性更高。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号