One-time identity-password authenticated key agreement scheme based on biometrics

Abstract

Authenticated key agreement protocols, aiming at solving the problems to set up a secure channel over public Internet, can achieve authentication of the corresponding participants and confidentiality of data transmission. Nowadays, most of the authenticated key agreement protocols focus on security, efficiency, and user experience at the same time. One-time password authenticated algorithm, which is that a hash chain can update by itself smoothly and securely through capturing the secure bit of the tip, has the feature of high-efficient. In addition, biometrics-based algorithm can make the scheme more secure and more amiable for users. The combination of aforementioned algorithms can lead to a high practical scheme in the universal client/server architecture. Based on these motivations, the paper firstly proposed the new concept of one-time identity-password OTIP, which means the identity and the password can be used only once. Then, a new robust biometrics-based OTIP authenticated key agreement protocol is given based on the OTIP. Security of the protocol is based on the biometric authentication, a secure symmetric encryption and a secure one-way hash function with the hash chain. At the same time, the proposed protocol can not only refrain from many consuming algorithms but also robust to many kinds of attacks and owns much excellent features. Finally, we provide the secure proof and the efficiency analysis about our proposed scheme. Copyright © 2015 John Wiley & Sons, Ltd.