An Enhanced Secure Anonymous Authentication Scheme Based on Smart Cards and Biometrics for Multi-server Environments

In 2014, Choi proposed a security enhanced anonymous multi-server authenticated key agreement scheme using smart card and biometrics and claimed that their scheme could overcome all of security issues in Chuang-Chen’s scheme, such as impersonation attack, smart card loss attack, denial of service attack and perfect forward secrecy. Unfortunately, we discover that Choi’s proposed scheme is not only still vulnerable to smart card loss attack and lack of perfect forward secrecy, but also contains a flaw in design for authentication phase after our analysis in detail.

In order to solve these security issues, we propose an enhanced secure anonymous authentication scheme with key agreement based on smart cards and biometrics for multi-server environments in this paper. According to our performance and security analysis, it can prove that our proposed scheme is more efficiency and security in comparison to previous schemes.

Share This Post