摘要： 将生物特征信息、单向哈希函数和智能卡等技术相结合，提出一种基于生物特征识别的身份认证方案。利用时戳生成一次性共享信息，以提高系统的鲁棒性。分析结果证明，该方案可防止伪装攻击、重放攻击和拒绝服务攻击。用户与服务器仅需2次握手即可实现相互认证，由此节约系统的通信成本，提高认证效率。

关键词: 基于生物特征的认证, 单向哈希函数, 时间戳, 远程用户, 智能卡, 可信第三方, 一次性共享密钥

Abstract: An efficient biometrics-based mutual authentication scheme is proposed, which is based on personal biometrics, one-way Hash function and smart card. For enhancing the system security, a one-time key is generated by using the timestamp. In the scheme, the authentication process can resist all known attacks including replay attacks and the DoS attacks, and needs only twice online message transmissions. Analysis shows that the scheme is secure and effective.

Key words: biometrics-based authentication, one-way Hash function, timestamp, remote user, smart card, trusted third party, one-time shared key

中图分类号: 

• TP309