عنوان انگلیسی مقاله:
Dynamic digest based authentication for client–server systems using biometric verification
ترجمه فارسی عنوان مقاله:
تأیید هویت مبتنی بر هضم پویا برای سیستم های مشتری-سرور با استفاده از تأیید بیومتریک
Sciencedirect - Elsevier - Future Generation Computer Systems, 101 (2019) 112-126: doi:10:1016/j:future:2019:05:025
Faezeh Sadat Babamir ∗, Murvet Kirci
The client authentication is a significant process in client–server systems. Such a process is highly
secure when a client may be authenticated according to a set of unique verifiable data, i.e., biometric
traits. However, biometric based systems with the low-cost, dense biometric sensors, and power of fast
processing need a method of automatic client recognition for the robust client authentication. Such a
method faces three challenges: (1) the effective recognition of the biometric patterns inputted to the
system, (2) the provision of security to prevent the vulnerability of the system, and (3) the preparation
of personal privacy. Many remote biometric authentication schemes have been developed to establish
secure mutual communication between a client as a device node and server over an untrusted channel.
By employing a secure remote biometric based authentication protocol, a client that acts in a node and
a server that contains resources can authenticate each other in a secure and trustable manner. In our
previous work, we proposed a digest based authentication method that preserves privacy of client’s
biometric templates and authenticates the client securely by generating non-deterministic semi-digest.
By reviewing and cryptanalyzing this method, in the current paper, we focus on the improvement of
the method for providing the invulnerability against user anonymity and server masquerading attacks.
We show that our improved scheme is secure against the attacks and prove its functionality features.
Keywords: Automated verification system | Biometric authentication | Cryptography | Privacy protecting