A secure authentication scheme based on fuzzy extractor

Lihua Zhang¹, Yaoping Nie²

COMPUTER MODELLING & NEW TECHNOLOGIES 2014 18(12C) 46-55

¹School of Electrical and electronic engineering, East China Jiaotong University, Nanchang, China

²School of Electronic Information and Electrical Engineering, Shanghai Jiaotong University, Shanghai, China

The biometrics-based authentication schemes are more security and reliable than the traditional authentication schemes, and it is the inevitable trend of future development. However, between the existing schemes, the security of user’s biometric template usually be ignored, the user’s information security suffering from a great threat because of that. Recently, Yan et al. proposed a secure biometrics-based authentication scheme for telecare medicine information systems (TMIS), however, we found that Yan et al.’s scheme could not ensure the security of the user’s biometric template and forward security. To overcome the above weaknesses, in this paper, a security enhanced scheme combine with the characteristics of the Fuzzy Extractor is proposed. Security and performance analyses show that the proposed scheme not only could overcome the weaknesses in Yan et al.’s scheme but also has a better practicability. We also propose the scheme with a formal security proof under the random oracle mode.