Abstract

In this paper, a new multi-factor authenticated key exchange scheme, which combines with biomet-rics, password and the smart card, is proposed. Compared with the previous schemes, this schemehas higher security in remote authentication and preserves privacy of biometrics , and most of theprevious schemes rely on the smart card to verify biometrics. The advantage of these approachesis that the user’s biometrics is not shared with the remote server, which can resist insider’s attackand preserve the privacy of the biometrics. The disadvantage is that the remote server must trustthe smart card to perform authentication, which leads to various vulnerabilities. To achieve multi-factor authentication, a new function called one-way function with distance-keeping, which is usedto preserve privacy of user’s biometrics, is introduced. This scheme has advantages as multi-factorauthentication, privacy preserving and lower communication complexity etc. It is proven secure un-der the random oracle and is suitable to the environment which lacked communication resource andneeded higher security.