Dynamic digest based authentication for client–server systems using biometric verification

Faezeh Sadat Babamir*, Murvet Kirci

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

4 Citations (Scopus)

Abstract

The client authentication is a significant process in client–server systems. Such a process is highly secure when a client may be authenticated according to a set of unique verifiable data, i.e., biometric traits. However, biometric based systems with the low-cost, dense biometric sensors, and power of fast processing need a method of automatic client recognition for the robust client authentication. Such a method faces three challenges: (1) the effective recognition of the biometric patterns inputted to the system, (2) the provision of security to prevent the vulnerability of the system, and (3) the preparation of personal privacy. Many remote biometric authentication schemes have been developed to establish secure mutual communication between a client as a device node and server over an untrusted channel. By employing a secure remote biometric based authentication protocol, a client that acts in a node and a server that contains resources can authenticate each other in a secure and trustable manner. In our previous work, we proposed a digest based authentication method that preserves privacy of client's biometric templates and authenticates the client securely by generating non-deterministic semi-digest. By reviewing and cryptanalyzing this method, in the current paper, we focus on the improvement of the method for providing the invulnerability against user anonymity and server masquerading attacks. We show that our improved scheme is secure against the attacks and prove its functionality features.

Original languageEnglish
Pages (from-to)112-126
Number of pages15
JournalFuture Generation Computer Systems
Volume101
DOIs
Publication statusPublished - Dec 2019

Bibliographical note

Publisher Copyright:
© 2019 Elsevier B.V.

Keywords

  • Automated verification system
  • Biometric authentication
  • Cryptography
  • Privacy protecting

Fingerprint

Dive into the research topics of 'Dynamic digest based authentication for client–server systems using biometric verification'. Together they form a unique fingerprint.

Cite this