A Multi-Factor Authentication Scheme Under the SM9 Algorithm Framework

Wireless sensor networks use public wireless channels and their storage and computing resources are limited, making them vulnerable to active attacks and passive attacks. Identity authentication acts as the first line to ensure the security of information systems. Then, how to design multi-factor authentication schemes for wireless sensor devices is currently a hot topic. Nowadays, most existing schemes are based on foreign cryptographic standards that do not comply with the autonomous and controllable cyberspace security development strategy. SM9 is an identity-based cryptographic algorithm that has become a Chinese cryptographic standard recently. Therefore, this paper focuses on how to combine passwords, biometrics, and smart cards to design a multi-factor authentication scheme that can be used for wireless sensor networks under the framework of SM9. The proposed scheme applies the fuzzy verifier technique and the honeyword method to resist password guessing attacks and further enables session key negotiation and password update. The security is proved under the Random Oracle Model (ROM) and a heuristic security analysis is provided additionally. The comparison results show that the proposed scheme can be deployed to wireless sensor networks. © 2024 Science Press. All rights reserved.