Effective and Secure Two-Factor Multi-Server Authentication Scheme without Password

被引：0

作者：

Sun, Shuwan ^{[1
,2
]}

Bian, Weixin ^{[1
,2
]}

Xie, Dong ^{[1
,2
]}

Jie, Biao ^{[1
,2
]}

Huang, Yi ^{[1
,2
]}

机构：

[1] Anhui Normal Univ, Sch Comp & Informat, Wuhu, Peoples R China

[2] Anhui Prov Key Lab Network & Informat Secur, Wuhu, Peoples R China

来源：

2022 3RD INFORMATION COMMUNICATION TECHNOLOGIES CONFERENCE (ICTC 2022) | 2022年

关键词：

multi-server authentication; physical unclonable function (PUF); password-free; biometric security and privacy; USER AUTHENTICATION; BIOMETRICS;

D O I：

10.1109/ICTC55111.2022.9778443

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Increasing number of online services have brought great convenience to users, and remote user authentication schemes have been widely used to verify the legitimacy of the authorized users. However, most of the existing authentication schemes are based on password, in which users need to remember the complex passwords and change them frequently. In addition, the great majority of authentication schemes have security defects. Through the analysis of the scheme proposed by Haq et al., we find that it is difficult to resist the key compromise impersonation attack. Therefore, an improved two-factor multiserver authentication scheme without password is proposed. The perfect combination of the user's biological characteristics and the PUF's physical characteristics enhances the practicality and efficiency of the solution. Security analysis of the proposed scheme shows that it can resist various known security attacks.

引用

页码：156 / 161

页数：6

共 50 条

[1] A two-factor authentication scheme with anonymity for multi-server environments
Chen, Chi-Tung
Lee, Cheng-Chi
[J]. SECURITY AND COMMUNICATION NETWORKS, 2015, 8 (08) : 1608 - 1625
[2] Two-Factor User Authentication in Multi-Server Networks
Li, Chun-Ta
Weng, Chi-Yao
Fang, Chun-I
[J]. INTERNATIONAL JOURNAL OF SECURITY AND ITS APPLICATIONS, 2012, 6 (02): : 261 - 268
[3] An efficient and secure multi-server password authentication scheme using smart cards
Chang, CC
Lee, JS
[J]. 2004 INTERNATIONAL CONFERENCE ON CYBERWORLDS, PROCEEDINGS, 2004, : 417 - 422
[4] A secure remote password authentication scheme with key agreement for multi-server environments
Lee, Wei-Bin
Wu, Chia-Chun
Tsaur, Woei-Jiunn
[J]. WMSCI 2005: 9th World Multi-Conference on Systemics, Cybernetics and Informatics, Vol 5, 2005, : 19 - 23
[5] Secure and Efficient Two-Factor Authentication Protocol Using RSA Signature for Multi-server Environments
Xu, Zhiqiang
He, Debiao
Huang, Xinyi
[J]. INFORMATION AND COMMUNICATIONS SECURITY, ICICS 2017, 2018, 10631 : 595 - 605
[6] Vulnerabilities in a Two-Factor User Authentication in Multi-server Networks Protocol
Georgescu, Adela
[J]. INTERNATIONAL JOINT CONFERENCE SOCO'14-CISIS'14-ICEUTE'14, 2014, 299 : 495 - 504
[7] A Provably Secure Multi-server Based Authentication Scheme
Kuo-Hui Yeh
[J]. Wireless Personal Communications, 2014, 79 : 1621 - 1634
[8] A Provably Secure Multi-server Based Authentication Scheme
Yeh, Kuo-Hui
[J]. WIRELESS PERSONAL COMMUNICATIONS, 2014, 79 (03) : 1621 - 1634
[9] A Multi-Server Two-Factor Authentication Scheme with Un-Traceability Using Elliptic Curve Cryptography
Xu, Guosheng
Qiu, Shuming
Ahmad, Haseeb
Xu, Guoai
Guo, Yanhui
Zhang, Miao
Xu, Hong
[J]. SENSORS, 2018, 18 (07)
[10] New multi-server password authentication scheme using neural networks
Yoon, EJ
Yoo, KY
[J]. ADVANCES IN NATURAL COMPUTATION, PT 2, PROCEEDINGS, 2005, 3611 : 512 - 519

← 1 2 3 4 5 →