Publication Type

Conference Proceeding Article

Version

Postprint

Publication Date

5-2005

Abstract

User authentication is the first and probably the most challenging step in achieving secure person-to-person communications. Most of the existing authentication schemes require communicating parties either share a secret/password or know each other's public key. In this paper we suggest a novel user authentication scheme that is easy to use and overcomes the requirements of sharing password or public keys. Our scheme allows two human users to perform mutual authentication and have secure communications over an open channel by exchanging biometrics signals (e. g., voice or video signals). In addition to user authentication, our scheme establishes a secret session key between two users by cryptographically binding biometrics signals with users's Diffie-Hellman public values. Under the assumption that the two communicating persons are familiar with each other's biometrics signals, we show that the scheme is secure against various attacks, including the man-in-the-middle attack. The proposed scheme is highly suitable for applications such as Voice-over-IP

Discipline

Databases and Information Systems | Information Security

Research Areas

Data Management and Analytics; Cybersecurity

Publication

Security and Privacy in the Age of Ubiquitous Computing: IFIP TC11 20th International Information Security Conference May 30-June 1, Chiba, Japan

Volume

181

First Page

205

Last Page

221

ISBN

9780387256603

Identifier

10.1007/0-387-25660-1_14

Publisher

Springer Verlag

City or Country

Berlin

Creative Commons License

Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License.

Additional URL

http://dx.doi.org/10.1007/0-387-25660-1_14

Share

COinS