Sie befinden Sich nicht im Netzwerk der Universität Paderborn. Der Zugriff auf elektronische Ressourcen ist gegebenenfalls nur via VPN oder Shibboleth (DFN-AAI) möglich. mehr Informationen...
Improved Two-Factor Authentication Protocol Based on Biometric Feature and Password for Cloud Service
Ist Teil von
Cloud Computing and Security, p.90-100
Ort / Verlag
Cham: Springer International Publishing
Quelle
Alma/SFX Local Collection
Beschreibungen/Notizen
Secure and efficient authentication protocols are necessary for cloud service. Multi-factor authentication protocols taking advantage of smart card, user’s password and biometric, are more secure than password-based single-factor authentication protocols which are widely used in practice. However, almost all the existed two-factor authentication protocols and multi-factor authentication protocols are based on smart cards, which will inevitably lead to a series of security problems caused by the loss of smart cards. Recently, Li et al. proposed a two-factor authenticated key agreement protocol based on biometric feature and password innovatively without using smart card. But we demonstrate that Li et al.’s protocol can’t resist the privileged-insider attack and the stolen verifier attack. Moreover, their protocol failed to provide user anonymity. To overcome the weaknesses of Li et al.’s scheme, we then proposed an improved two-factor authentication protocol based on the extended Chebyshev chaotic mapping. To illustrate the security of our scheme, we give a standard formal proof with the sequence of games (SOG) technique. Furthermore, we also present a comprehensive heuristic security analysis to demonstrate that the proposed protocol is capable of withstanding all the possible various attacks and provides the desired security features. Compared with other schemes, ours is more secure and efficient.