Multifactor authentication scheme using physically unclonable functions

One popular scheme used for authentication security is the implementation of multi-factor authentication (MFA). There have been several researches that discusses on multi-factor authentication scheme but most of these research do not entirely protect data against all types of attacks. Furthermore, most current research only focuses on improving the security part of authentication while neglecting other important parts such as the systems accuracy. Accuracy is based on how perfect is the system able to identify a genuine user or an intruder. Current multifactor authentication schemes were simply not designed to have security and accuracy as their focus. Accuracy can be measured as the success rate on tasks that requires a certain degree. For instance, the number of users who is successfully logging into the system using any technique provides a measure of accuracy. Usually, accuracy demands of users are impacted by other demands such as recall of required information, environmental, or other factors. In authentication, the accuracy factor was identified through the device pairing studies. In many cases in the authentication system requires users to enter a password or biometric traits with 100 percent accuracy for comparing it. Nevertheless, this research analyzes the level of accuracy based on the biometric accuracy of authentication. In this paper will explain the evaluation process on the accuracy level of the proposed authentication to get a highly accurate performance, which is based on FAR (false acceptance rate) and FRR (false rejection rate). Result from the experiment shows that the accuracy of proposed scheme is better than the accuracy of other previous schemes. This is even after additional security features has been added to the scheme.

Download Full-text

Enhanced Multifactor Authentication Scheme

International Journal of Engineering Trends and Technology ◽

10.14445/22315381/ijett-v52p217 ◽

2017 ◽

Vol 52 (2) ◽

pp. 109-114

Author(s):

Devender Kumar ◽

◽

Vikram Singh

Keyword(s):

Authentication Scheme ◽

Multifactor Authentication

Download Full-text

An AODV Based Multifactor Authentication Scheme for Wireless Sensor Network

Journal of IT in Asia ◽

10.33736/jita.3840.2021 ◽

2021 ◽

Vol 9 (1) ◽

pp. 80-88

Author(s):

Jane Yong ◽

Zi Jian Chai ◽

Kah Hao Chin ◽

Christopher Chin Fung Chee ◽

Daniel Soh ◽

...

Keyword(s):

Wireless Sensor Network ◽

Sensor Network ◽

Computational Cost ◽

Industrial Applications ◽

Authentication Scheme ◽

Wireless Sensor ◽

Replay Attack ◽

Physical Attack ◽

Multifactor Authentication ◽

Guessing Attack

Wireless Sensor Network (WSN) is a type of wireless network that is fast getting a lot of attention in scientific and industrial applications, and it is a network of decentralized autonomous standalone sensor devices. However, WSN is easily prone to malicious attacks as anyone can access the server through the node without a proper security authentication. In this paper, we proposed a secure AODV based multi-factor authentication scheme for WSN to mitigate physical attack, offline guessing attack and replay attack. Our proposed scheme is preferred to keep the scheme lightweight while providing enough security that requires smart card, user identity, password, and OTP. Our proposed scheme has relatively lower computational cost with a total of 10Th than the other compared schemes except for Adil et al.’s scheme. However, we have around 8288 bits of authentication overhead due to the nature of packet and the addition of factors. Hence, our scheme is outperformed from computational cost perspective, but the scheme is slightly higher on authentication overhead perspective. In the future, multiple device authentication, implementation of biometric feature can be added to improve the scheme.

Download Full-text

Revisiting a Multifactor Authentication Scheme in Industrial IoT

Security and Communication Networks ◽

10.1155/2021/9995832 ◽

2021 ◽

Vol 2021 ◽

pp. 1-7

Author(s):

Ding Wang ◽

Shuhong Hong ◽

Qingxuan Wang

Keyword(s):

Key Agreement ◽

Open Channel ◽

Authentication Scheme ◽

Forward Secrecy ◽

Authenticated Key Agreement ◽

Computational Costs ◽

Multifactor Authentication ◽

Industrial Iot ◽

Multiple Sensing ◽

Significant Attention

Nowadays, as one of the key applications of Internet of Things, Industry IoT (IIoT) has recently received significant attention and has facilitated our life. In IIoT environments, an amount of data generally requires to be transmitted between the user and sensing devices in an open channel. In order to ensure safe transmission of these data, it is necessary for the user and sensing devices to authenticate each other and establish a secure channel between them. Recently, a multifactor authenticated key agreement scheme for IIoT was proposed, which aims to tackle this problem and provide solutions for user multiple sensing devices’ access. This work claims that the proposed scheme is secure against vario us attacks and has less communication and computational costs than other existing related schemes. Unfortunately, we find that this scheme cannot resist smart card attack and sensing device capture attack. Furthermore, we show that this scheme fails to provide forward secrecy, which is essential for a secure multifactor authentication scheme.

Download Full-text

dLocAuth: a dynamic multifactor authentication scheme for mCommerce applications using independent location-based obfuscation

10.1117/12.918130 ◽

2012 ◽

Author(s):

Torben Kuseler ◽

Ihsan A. Lami

Keyword(s):

Authentication Scheme ◽

Multifactor Authentication

Download Full-text

Round Trip Latency based Authentication Scheme in Fog-Enabled Cloud Computing System

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.b1887.078219 ◽

2019 ◽

Vol 8 (2) ◽

pp. 1270-1278

Keyword(s):

Cloud Computing ◽

False Negative ◽

Computing System ◽

Authentication Scheme ◽

Round Trip ◽

Communication Latency ◽

Authentication Mechanism ◽

Multifactor Authentication ◽

Cloud Computing System ◽

Authentication Schemes

In fog-enabled cloud computing framework, one of the most challenges is security promises due to the compromised passwords. To overcome this issue, different multifactor authentication schemes have been developed that requires additional authentication credentials along with the standard password to authenticate the login. Among those schemes, Communication Latency-based Authentication Scheme (CLAS) increases the protection of conventional web authentication schemes by leveraging the Round Trip network communication Latency (RTL) between clients and authenticators together with standard password. It uses RTL of clients to secure against password compromise. On the other hand, it can support compromise of either the password or the profiled location of a user. This makes it susceptible to same location attacks. As a result, an integration of additional profiling features is needed to attain more robust and flexible defense against password compromise. Hence in this paper, an extended CLAS is proposed that mainly investigates the mobility and same location challenges in CLAS. Initially, the legitimate login failures are solved by handling both selective and arbitrary mobility of users. For selective mobility case, CLAS generates an individual profile for each location and the user may be granted access if his/her real-time login profile matches any of the stored reference profiles. For arbitrary mobility case, CLAS is integrated with two-factor authentication mechanism to authenticate the user. In addition, the defense against Mimic attacks is improved by utility metric-based location anonymization and obfuscation of RTL algorithms. By using these algorithms, the user’s locations are anonymized and the values of RTL are obfuscated to defend against user compromise attempts for impersonating the RTL by getting nearer to the user location. Moreover, a keystroke dynamics measure is introduced with obfuscated RTL measures to effectively defend the same location attacks. This technique alleviates the potential impacts of network instabilities on RTL measurements. As well, it increases the authentication sample space and so improves the security guarantee of CLAS. Finally, the simulation outcomes illustrate that an extended CLAS has the ability to reduce both false positive and false negative rates.

Download Full-text

Cryptanalysis of a Smartcard-Based User Authentication Scheme for Multi-Server Environments

IEICE Transactions on Communications ◽

10.1587/transcom.e95.b.3052 ◽

2012 ◽

Vol E95.B (9) ◽

pp. 3052-3054 ◽

Cited By ~ 1

Author(s):

Debiao HE ◽

Hao HU

Keyword(s):

User Authentication ◽

Authentication Scheme ◽

User Authentication Scheme ◽

Multi Server

Download Full-text