Abstract
Remote data backup technology facilitates data storage for users. However, an attacker may intercept some sensitive data on transfer. To solve this problem, sensitive data should be encrypted before uploading to the remote storage. Thus, protecting the secret encryption key is very important. Liu et al. have designed a scheme to protect the secret key using the secret-sharing method and multi-factor authentication. Unfortunately, the authors find some security weaknesses of Liu et al. 's scheme. Liu et al. 's scheme cannot resist offline password guessing attack, the server impersonation attack, the user impersonation attack and an attacker updating password/biometrics attack. They present an enhanced secure data backup scheme using multi-factor authentication to overcome all above-mentioned security threats. The user first divided a secret used to encrypt sensitive data into three shares using Shamir's secret sharing. Moreover, then the user uses the own password and biometrics to hide the true shares, and stores the pseudo three shares in the smart card, the laptop and the server, separately. Furthermore, the proposed scheme is illustrated in detail, and they give a security comparison of their scheme with Liu et al. 's scheme and computational costs.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.