Table of Content

Open Access iconOpen Access

ARTICLE

Multi-Factor Password-Authenticated Key Exchange via Pythia PRF Service

Zengpeng Li1, Jiuru Wang2, *, Chang Choi3, Wenyin Zhang2

1 College of Computer Science and Technology, Qingdao University, Qingdao, 266071, China.
2 School of Information Science and Engineering, Linyi University, Linyi, 276005, China.
3 IT Research Institute, Chosun University, Gwangju, 61452, South Korea.

* Corresponding Author: Jiuru Wang. Email: email.

Computers, Materials & Continua 2020, 63(2), 663-674. https://doi.org/10.32604/cmc.2020.06565

Abstract

Multi-factor authentication (MFA) was proposed by Pointcheval et al. [Pointcheval and Zimmer (2008)] to improve the security of single-factor (and two-factor) authentication. As the backbone of multi-factor authentication, biometric data are widely observed. Especially, how to keep the privacy of biometric at the password database without impairing efficiency is still an open question. Using the vulnerability of encryption (or hash) algorithms, the attacker can still launch offline brute-force attacks on encrypted (or hashed) biometric data. To address the potential risk of biometric disclosure at the password database, in this paper, we propose a novel efficient and secure MFA key exchange (later denoted as MFAKE) protocol leveraging the Pythia PRF service and password-to-random (or PTR) protocol. Armed with the PTR protocol, a master password pwd can be translated by the user into independent pseudorandom passwords (or rwd) for each user account with the help of device (e.g., smart phone). Meanwhile, using the Pythia PRF service, the password database can avoid leakage of the local user’s password and biometric data. This is the first paper to achieve the password and biometric harden service simultaneously using the PTR protocol and Pythia PRF.

Keywords


Cite This Article

APA Style
Li, Z., Wang, J., Choi, C., Zhang, W. (2020). Multi-factor password-authenticated key exchange via pythia PRF service. Computers, Materials & Continua, 63(2), 663-674. https://doi.org/10.32604/cmc.2020.06565
Vancouver Style
Li Z, Wang J, Choi C, Zhang W. Multi-factor password-authenticated key exchange via pythia PRF service. Comput Mater Contin. 2020;63(2):663-674 https://doi.org/10.32604/cmc.2020.06565
IEEE Style
Z. Li, J. Wang, C. Choi, and W. Zhang "Multi-Factor Password-Authenticated Key Exchange via Pythia PRF Service," Comput. Mater. Contin., vol. 63, no. 2, pp. 663-674. 2020. https://doi.org/10.32604/cmc.2020.06565



cc Copyright © 2020 The Author(s). Published by Tech Science Press.
This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 1962

    View

  • 1380

    Download

  • 0

    Like

Related articles

Share Link