An Efficient Generic Framework for Three-Factor Authentication With Provably Secure Instantiation

Remote authentication has been widely studied and adapted in distributed systems. The security of remote authentication mechanisms mostly relies on one of or the combination of three factors: 1) something users know-password; 2) something users have-smart card; and 3) something users are-biometric c...

Full description

Saved in:
Bibliographic Details
Published in:IEEE transactions on information forensics and security 2014-12, Vol.9 (12), p.2302-2313
Main Authors: Yu, Jiangshan, Wang, Guilin, Mu, Yi, Gao, Wei
Format: Article
Language:English
Subjects:
Authentication
biometrics
Biometrics (access control)
Cards
Computer information security
Exposure
Feature extraction
Forensic engineering
password
Preserving
Privacy
Security
smart card
Smart cards
Upgrading
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Remote authentication has been widely studied and adapted in distributed systems. The security of remote authentication mechanisms mostly relies on one of or the combination of three factors: 1) something users know-password; 2) something users have-smart card; and 3) something users are-biometric characteristics. This paper introduces an efficient generic framework for three-factor authentication. The proposed generic framework enhances the security of existing two-factor authentication schemes by upgrading them to three-factor authentication schemes, without exposing user privacy. In addition, we present a case study by upgrading a secure two-factor authentication scheme to a secure three-factor authentication scheme. Furthermore, implementation analysis, formal proof, and privacy discussion are provided to show that the derived scheme is practical, secure, and privacy preserving.
ISSN:1556-6013
1556-6021
DOI:10.1109/TIFS.2014.2362979