Abstract—Authentication of remote user and server is a great research challenge in today’s advanced wired and wireless communication. Recently Das proposed a flexible remote system authentication using smart card [7]. Xu et al. proved that Khan et al.’s fingerprint based remote user authentication is vulnerable to the impersonation and parallel session attack [10]. In this paper, we show that Das’s scheme is not withstand the reverse XOR and adversary system attack. We also propose an improved remote user and server authentication that verifies the authenticity of user by user’s password, smart card and biometric property of user. The technique is insulated from the reverse XOR, adversary system, impersonation and parallel session attacks.
Index Terms—Authentication, Remote System, Password, Smart card, Biometric.
Chandan Koner is an Assistant Assistant Professor in the Department of Computer Science and Engineering, Bengal Institute of Technology and Management, Santiniketan, P.O. Doranda, West Bengal, Pin-731236, India., he is pursuing PhD course. He is member of IACSIT and IAENG. (Phone No.+91-9434535556, email: chandan_durgapur@yahoo.com)
Chandan Tilak Bhunia is a Director, Bengal Institute of Technology and Management, Santiniketan, P.O. Doranda, West Bengal, Pin-731236, India. He is a Senior Member of IEEE and FIE. (Phone No. +91-9434033157, email: ctbhunia@vsnl.com)
Ujjwal Maulik is currently a Professor in the Department of Computer Science and Technology, Jadavpur University, Kolkata, India. He is a Senior Member of IEEE. (Phone No. 91-33-24131766, email:ujjwal_maulik@yahoo.com)
[PDF]
Cite: C. Koner, C. T. Bhunia and U. Maulik, "An Efficient and Reliable Three-Entity Remote User and Server Authentication Technique,"
International Journal of Engineering and Technology vol. 1, no. 2, pp. 188-193, 2009.