Use this URL to cite or link to this record in EThOS: http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.690008
Title: A novel authentication protocol based on biometric and identity-based cryptography
Author: Aljeaid, D.
ISNI:       0000 0004 5921 7386
Awarding Body: Nottingham Trent University
Current Institution: Nottingham Trent University
Date of Award: 2015
Availability of Full Text:
Access from EThOS:
Access from Institution:
Abstract:
Recently, considerable attention has been devoted to distributed systems. It has become obvious that a high security level should be a fundamental prerequisite for organisations' processes, both in the commercial and public sectors. A crucial foundation for securing a network is the ability to reliably authenticate ommunication parties. However, these systems face some critical security risks and challenges when they attempt to stabilise between security, efficiency and functionality. Developing a secure authentication protocol can be challenging; this thesis proposes an authentication scheme that employs two authentication factors involving something you know (password) and something you are (biometric) based on Identity-Based Cryptography and Elliptic Curve Cryptography. Two protocols have been chosen that provide mutual authentication and secure key exchange, which are the equivalent to the Diffie-Hellman key exchange. Due to a potential flaw in the protocols, guarding against attacks can be challenging. In order to alleviate some of the issues encountered with the new protocol, this thesis uses the encrypt-then-authenticate method. Formal verification methods are used to evaluate the new protocol. First, finite-state machines are used to examine and predict the behaviour of the protocol. Modelling with this method shows that the new protocol can function correctly and behave correctly within the protocol description, even with invalid input or time delay. Second, Petri nets are used to model, simulate and analyse the new protocol. This thesis formulates several attack models via Petri nets in which the security of the proposed protocols is discussed precisely. Ultimately, this novel work ensures that the new protocol provides a coherent security concept and can be implemented over insecure channels while offering secure mutual authentication.
Supervisor: Not available Sponsor: Not available
Qualification Name: Thesis (Ph.D.) Qualification Level: Doctoral
EThOS ID: uk.bl.ethos.690008  DOI: Not available
Share: