A secure user anonymity-preserving biometric-based multi-server authenticated key agreement scheme using smart cards

“…T c : time required for executing comparison operation. Table 3 shows that the computational cost of the proposed scheme is relatively lower than Mishra et al's [17] scheme but with higher security. We can conclude that the security can be enhanced by affording a little bit of extra cost.…”

“…In 2014, Chuang and Chen [16] proposed a multi-server authenticated key agreement scheme using smart cards and biometrics. However, both Mishra et al [17] and Maitra and Giri [18] showed their scheme is insecure against stolen smart card attack, impersonation attack, forgery attack and session key discloser attack. Later, Mishra et al [17] proposed an improved biometric based remote user authentication scheme.…”

“…However, both Mishra et al [17] and Maitra and Giri [18] showed their scheme is insecure against stolen smart card attack, impersonation attack, forgery attack and session key discloser attack. Later, Mishra et al [17] proposed an improved biometric based remote user authentication scheme. But, normally human brain is better in recalling images based things rather than remembering complicated large password.…”

“…But, due to the advancement of computer technology, these schemes are still not capable to withstand various possible attacks [7]. To overcome these weaknesses, later biometrics was also been incorporated as third parameter and make the authentication schemes [8][9][10][11][12][13][14][15][16][17][18] based on three factors namely smartcard, password and biometric. In 2010, Li and Hwang [10] proposed a biometricsbased remote user authentication scheme using smart cards.…”

A New Remote User Authentication Scheme based on Graphical Password using Smart Card

“…T c : time required for executing comparison operation. Table 3 shows that the computational cost of the proposed scheme is relatively lower than Mishra et al's [17] scheme but with higher security. We can conclude that the security can be enhanced by affording a little bit of extra cost.…”

“…In 2014, Chuang and Chen [16] proposed a multi-server authenticated key agreement scheme using smart cards and biometrics. However, both Mishra et al [17] and Maitra and Giri [18] showed their scheme is insecure against stolen smart card attack, impersonation attack, forgery attack and session key discloser attack. Later, Mishra et al [17] proposed an improved biometric based remote user authentication scheme.…”

“…However, both Mishra et al [17] and Maitra and Giri [18] showed their scheme is insecure against stolen smart card attack, impersonation attack, forgery attack and session key discloser attack. Later, Mishra et al [17] proposed an improved biometric based remote user authentication scheme. But, normally human brain is better in recalling images based things rather than remembering complicated large password.…”

“…But, due to the advancement of computer technology, these schemes are still not capable to withstand various possible attacks [7]. To overcome these weaknesses, later biometrics was also been incorporated as third parameter and make the authentication schemes [8][9][10][11][12][13][14][15][16][17][18] based on three factors namely smartcard, password and biometric. In 2010, Li and Hwang [10] proposed a biometricsbased remote user authentication scheme using smart cards.…”

A New Remote User Authentication Scheme based on Graphical Password using Smart Card

“…We list the results of functionality comparisons of our scheme and other related schemes [14,15] in the table 2, and from which we can see that our scheme has more security properties. Both Mishra et al"s scheme [14] and Baruah et al"s scheme [15] cannot resist stolen smart card attack and denial of service attack, and they are both cannot protect user"s anonymity due to an adversary can trace a special user using the static information in the login request message.…”

An Enhanced Biometric-Based Three Factors User Authentication Scheme for Multi-server Environments

Lightweight privacy‐aware secure authentication scheme for cyber‐physical systems in the edge intelligence era