Abstract
In 2015, Baruah et al. proposed a biometric-based multi-server authentication scheme using smart card. Baruah et al. claimed that their proposed scheme is secure to various cryptographic attacks and can provide forward secrecy. However, this paper points out that Baruah et al.’s scheme not only is still vulnerable to identity guessing attack using stolen smart card and replay attack, but also cannot provide perfect forward secrecy unlike their claims. For this reason, Baruah et al.’s scheme is insecure for practical application.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have