On the Rila-Mitchell security protocols for biometrics-based cardholder authentication in smartcards
We consider the security of the Rila-Mitchell security protocols recently proposed for biometrics-based smartcard systems. We first present a man-in-the-middle (MITM) attack on one of these protocols and hence show that it fails to achieve mutual authentication between the smartcard and smartcard re...
| Main Authors: | , |
|---|---|
| Format: | Article |
| Published: |
2005
|
| Subjects: | |
| Online Access: | http://shdl.mmu.edu.my/2353/ |
| _version_ | 1848790033125867520 |
|---|---|
| author | Phan, , RCW Goi, , BM |
| author_facet | Phan, , RCW Goi, , BM |
| author_sort | Phan, , RCW |
| building | MMU Institutional Repository |
| collection | Online Access |
| description | We consider the security of the Rila-Mitchell security protocols recently proposed for biometrics-based smartcard systems. We first present a man-in-the-middle (MITM) attack on one of these protocols and hence show that it fails to achieve mutual authentication between the smartcard and smartcard reader. In particular, a hostile smartcard can trick the reader into believing that it is a legitimate card and vice versa. We also discuss security cautions that if not handled carefully would lead to attacks. We further suggest countermeasures to strengthen the protocols against our attacks, as well as to guard against the cautions highlighted. Our emphasis here is that seemingly secure protocols when implemented with poor choices of parameters would lead to attacks. |
| first_indexed | 2025-11-14T18:06:10Z |
| format | Article |
| id | mmu-2353 |
| institution | Multimedia University |
| institution_category | Local University |
| last_indexed | 2025-11-14T18:06:10Z |
| publishDate | 2005 |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | mmu-23532011-08-23T02:29:16Z http://shdl.mmu.edu.my/2353/ On the Rila-Mitchell security protocols for biometrics-based cardholder authentication in smartcards Phan, , RCW Goi, , BM QA75.5-76.95 Electronic computers. Computer science We consider the security of the Rila-Mitchell security protocols recently proposed for biometrics-based smartcard systems. We first present a man-in-the-middle (MITM) attack on one of these protocols and hence show that it fails to achieve mutual authentication between the smartcard and smartcard reader. In particular, a hostile smartcard can trick the reader into believing that it is a legitimate card and vice versa. We also discuss security cautions that if not handled carefully would lead to attacks. We further suggest countermeasures to strengthen the protocols against our attacks, as well as to guard against the cautions highlighted. Our emphasis here is that seemingly secure protocols when implemented with poor choices of parameters would lead to attacks. 2005 Article NonPeerReviewed Phan, , RCW and Goi, , BM (2005) On the Rila-Mitchell security protocols for biometrics-based cardholder authentication in smartcards. COMPUTATIONAL SCIENCE AND ITS APPLICATIONS - ICCSA 2005, VOL 4, PROCEEDINGS, 3483 . pp. 1065-1074. ISSN 0302-9743 |
| spellingShingle | QA75.5-76.95 Electronic computers. Computer science Phan, , RCW Goi, , BM On the Rila-Mitchell security protocols for biometrics-based cardholder authentication in smartcards |
| title | On the Rila-Mitchell security protocols for biometrics-based cardholder authentication in smartcards |
| title_full | On the Rila-Mitchell security protocols for biometrics-based cardholder authentication in smartcards |
| title_fullStr | On the Rila-Mitchell security protocols for biometrics-based cardholder authentication in smartcards |
| title_full_unstemmed | On the Rila-Mitchell security protocols for biometrics-based cardholder authentication in smartcards |
| title_short | On the Rila-Mitchell security protocols for biometrics-based cardholder authentication in smartcards |
| title_sort | on the rila-mitchell security protocols for biometrics-based cardholder authentication in smartcards |
| topic | QA75.5-76.95 Electronic computers. Computer science |
| url | http://shdl.mmu.edu.my/2353/ |