Multi-Factor Password-Authenticated Key Exchange via Pythia PRF Service
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Li, Zengpeng | - |
dc.contributor.author | Wang, Jiuru | - |
dc.contributor.author | Choi, Chang | - |
dc.contributor.author | Zhang, Wenyin | - |
dc.date.available | 2020-10-20T06:42:25Z | - |
dc.date.created | 2020-06-10 | - |
dc.date.issued | 2020-05 | - |
dc.identifier.issn | 1546-2218 | - |
dc.identifier.uri | https://scholarworks.bwise.kr/gachon/handle/2020.sw.gachon/78488 | - |
dc.description.abstract | Multi-factor authentication (MFA) was proposed by Pointcheval et al. [Pointcheval and Zimmer (2008)] to improve the security of single-factor (and two-factor) authentication. As the backbone of multi-factor authentication, biometric data are widely observed. Especially, how to keep the privacy of biometric at the password database without impairing efficiency is still an open question. Using the vulnerability of encryption (or hash) algorithms, the attacker can still launch offline brute-force attacks on encrypted (or hashed) biometric data. To address the potential risk of biometric disclosure at the password database, in this paper, we propose a novel efficient and secure MFA key exchange (later denoted as MFAKE) protocol leveraging the Pythia PRF service and password-to-random (or PTR) protocol. Armed with the PTR protocol, a master password pwd can be translated by the user into independent pseudorandom passwords (or rwd) for each user account with the help of device (e.g., smart phone). Meanwhile, using the Pythia PRF service, the password database can avoid leakage of the local user's password and biometric data. This is the first paper to achieve the password and biometric harden service simultaneously using the PTR protocol and Pythia PRF. | - |
dc.language | 영어 | - |
dc.language.iso | en | - |
dc.publisher | TECH SCIENCE PRESS | - |
dc.relation.isPartOf | CMC-COMPUTERS MATERIALS & CONTINUA | - |
dc.title | Multi-Factor Password-Authenticated Key Exchange via Pythia PRF Service | - |
dc.type | Article | - |
dc.type.rims | ART | - |
dc.description.journalClass | 1 | - |
dc.identifier.wosid | 000527105300008 | - |
dc.identifier.doi | 10.32604/cmc.2020.06565 | - |
dc.identifier.bibliographicCitation | CMC-COMPUTERS MATERIALS & CONTINUA, v.63, no.2, pp.663 - 674 | - |
dc.description.isOpenAccess | N | - |
dc.identifier.scopusid | 2-s2.0-85091187784 | - |
dc.citation.endPage | 674 | - |
dc.citation.startPage | 663 | - |
dc.citation.title | CMC-COMPUTERS MATERIALS & CONTINUA | - |
dc.citation.volume | 63 | - |
dc.citation.number | 2 | - |
dc.contributor.affiliatedAuthor | Choi, Chang | - |
dc.type.docType | Article | - |
dc.subject.keywordAuthor | Multi-factor authentication key exchange | - |
dc.subject.keywordAuthor | biometric data | - |
dc.subject.keywordAuthor | password-to-random | - |
dc.subject.keywordAuthor | Pythia PRF | - |
dc.relation.journalResearchArea | Computer Science | - |
dc.relation.journalResearchArea | Materials Science | - |
dc.relation.journalWebOfScienceCategory | Computer Science, Information Systems | - |
dc.relation.journalWebOfScienceCategory | Materials Science, Multidisciplinary | - |
dc.description.journalRegisteredClass | scie | - |
dc.description.journalRegisteredClass | scopus | - |
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
1342, Seongnam-daero, Sujeong-gu, Seongnam-si, Gyeonggi-do, Republic of Korea(13120)031-750-5114
COPYRIGHT 2020 Gachon University All Rights Reserved.
Certain data included herein are derived from the © Web of Science of Clarivate Analytics. All rights reserved.
You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.