关键词: 双向身份认证, 智能卡, 生物密钥, 网络安全, 多因素认证

Abstract: Biometrics-based remote user authentication scheme with smart card enforces triple protection including smartcard hardware, user password authentication and biometrics recognition, which brings new breakthrough to authentication. Khan-Kumari scheme, which is characterized with high security performance, is reviewed. Four defects that may do harm to authentication are found in this scheme: flawed encapsulation of user identity secrets, improper access way of them, lack of message freshness check, and insufficient interaction between authentication parties. An enhanced biometrics-key-based remote user authentication scheme with smart card is put forward in this paper. Our scheme enforces four enhancing procedures: mutal verifiable dual factors are used to protect user identity secrets, and playback messages are recognized based on message freshness check, and protected parameters are transmitted after encrypted with dynamic Hash key integrating time flag, and authentication process is made be completed gracefully with acknowledgement message. With these measures, user identity protection is enhanced remarkably. Hence, resistance against smart card cracking, message replay, identity impersonation and service refusal is aggrandized. Security analysis shows that the enhanced scheme effectually fixes vulnerabilities found in Khan-Kumari scheme with small computation and communication cost, achieving remarkably enhanced security performance in defending against varying attacking means. Under the circumstances that even dual protection measures are compromised, the probability of impersonation and authentication failure caused by attacks can be made be less than 10\+{-38}.

Key words: mutual authentication, smart card, biometrics-key, network security, multi-factor authentication