발간년도 : [2016]
논문정보 |
|
논문명(한글) |
[Vol.11, No.4] Vulnerability Analysis on Multi-Server Authentication Scheme using Smart Card and Biometric Data |
|
논문투고자 |
Kwang-Cheul Shin |
|
논문내용 |
In the past, most of the existing password authentication schemes are based on a single server environment which are inadequate for the multi-server environments. But recently, researches have been performed focusing on the remote user authentication scheme by password and bio-metric data in a multi-server environment. The following study analyzes weaknesses in user Authentication schemes in multiple server environments as suggested by Mishra et al’.s. Over the years, various identifier and password based schemes for multiple server environments have been suggested. However, they have been found of password guessing or dictionary attack based vulnerabilities. In order to overcome such weaknesses, there's been many papers since then that suggested various multiple server verification schemes that utilize biometric data for use in multiple server environments and distributed networks. In order to prevent weaknesses in Mishra et al'.s scheme and Chuang et al'.s scheme, the user verification parameter h(PSK) was utilized to improve upon the weaknesses. However, Mishra et al'.s scheme is vulnerable to user/server spoof attack, denial of service attack, impersonation attack, and man-in-the-middle attack. The following study analyzes C&C scheme and improves it, in order to reanalyze and compare weaknesses and problems to Mishra et al'.s scheme. |
|
첨부논문 |
|
|
|
|
|