Formal analysis and systematic construction of two-factor authentication scheme

Formal analysis and systematic construction of two-factor authentication scheme

One of the most commonly used two-factor authentication mechanisms is based on smart card and user’s password. Throughout the years, there have been many schemes proposed, but most of them have already been found flawed due to the lack of formal security analysis. On the cryptanalysis of this type o...

Full description

Saved in:
Bibliographic Details
Main Authors: YANG, Guomin, WONG, Duncan S., WANG, Huaxiong, DENG, Xiaotie
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2006
Subjects:
Smart Card
Authentication Scheme
Mutual Authentication
Registration Phase
Login Request
Information Security
Online Access:https://ink.library.smu.edu.sg/sis_research/7437
https://ink.library.smu.edu.sg/context/sis_research/article/8440/viewcontent/Formal_analysis_and_systematic_construction_of_two_factor_authentication_scheme.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
id sg-smu-ink.sis_research-8440
record_format dspace
spelling sg-smu-ink.sis_research-84402023-08-21T07:19:31Z Formal analysis and systematic construction of two-factor authentication scheme YANG, Guomin WONG, Duncan S. WANG, Huaxiong DENG, Xiaotie One of the most commonly used two-factor authentication mechanisms is based on smart card and user’s password. Throughout the years, there have been many schemes proposed, but most of them have already been found flawed due to the lack of formal security analysis. On the cryptanalysis of this type of schemes, in this paper, we further review two recently proposed schemes and show that their security claims are invalid. To address the current issue, we propose a new and simplified property set and a formal adversarial model for analyzing the security of this type of schemes. We believe that the property set and the adversarial model themselves are of independent interest.We then propose a new scheme and a generic construction framework. In particular, we show that a secure password based key exchange protocol can be transformed efficiently to a smartcard and password based two-factor authentication scheme provided that there exist pseudorandom functions and collision-resistant hash functions. 2006-12-01T08:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/7437 info:doi/10.1007/11935308_7 https://ink.library.smu.edu.sg/context/sis_research/article/8440/viewcontent/Formal_analysis_and_systematic_construction_of_two_factor_authentication_scheme.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Smart Card Authentication Scheme Mutual Authentication Registration Phase Login Request Information Security
institution Singapore Management University
building SMU Libraries
continent Asia
country Singapore
Singapore
content_provider SMU Libraries
collection InK@SMU
language English
topic Smart Card
Authentication Scheme
Mutual Authentication
Registration Phase
Login Request
Information Security
spellingShingle Smart Card
Authentication Scheme
Mutual Authentication
Registration Phase
Login Request
Information Security
YANG, Guomin
WONG, Duncan S.
WANG, Huaxiong
DENG, Xiaotie
Formal analysis and systematic construction of two-factor authentication scheme
description One of the most commonly used two-factor authentication mechanisms is based on smart card and user’s password. Throughout the years, there have been many schemes proposed, but most of them have already been found flawed due to the lack of formal security analysis. On the cryptanalysis of this type of schemes, in this paper, we further review two recently proposed schemes and show that their security claims are invalid. To address the current issue, we propose a new and simplified property set and a formal adversarial model for analyzing the security of this type of schemes. We believe that the property set and the adversarial model themselves are of independent interest.We then propose a new scheme and a generic construction framework. In particular, we show that a secure password based key exchange protocol can be transformed efficiently to a smartcard and password based two-factor authentication scheme provided that there exist pseudorandom functions and collision-resistant hash functions.
format text
author YANG, Guomin
WONG, Duncan S.
WANG, Huaxiong
DENG, Xiaotie
author_facet YANG, Guomin
WONG, Duncan S.
WANG, Huaxiong
DENG, Xiaotie
author_sort YANG, Guomin
title Formal analysis and systematic construction of two-factor authentication scheme
title_short Formal analysis and systematic construction of two-factor authentication scheme
title_full Formal analysis and systematic construction of two-factor authentication scheme
title_fullStr Formal analysis and systematic construction of two-factor authentication scheme
title_full_unstemmed Formal analysis and systematic construction of two-factor authentication scheme
title_sort formal analysis and systematic construction of two-factor authentication scheme
publisher Institutional Knowledge at Singapore Management University
publishDate 2006
url https://ink.library.smu.edu.sg/sis_research/7437
https://ink.library.smu.edu.sg/context/sis_research/article/8440/viewcontent/Formal_analysis_and_systematic_construction_of_two_factor_authentication_scheme.pdf
_version_ 1779156951798644736

Similar Items