Abstract
Multi-factor authentication (MFA) has been widely used to safeguard high-value assets. Unlike single-factor authentication (e.g., password-only login), $t$ -factor authentication ( $t$ FA) requires a user always to carry and present $t$ specified factors so as to strengthen the security of login. Nevertheless, this may restrict user experience in limiting the flexibility of factor usage, e.g., the user may prefer to choose any factors at hand for login authentication. To bring back usability and flexibility without loss of security, we introduce a new notion of authentication, called $(t,n)$ threshold MFA , that allows a user to actively choose $t$ factors out of $n$ based on preference. We further define the “most-rigorous” multi-factor security model for the new notion, allowing attackers to control public channels, launch active/passive attacks, and compromise/corrupt any subset of parties as well as factors. We state that the model can capture the most practical security needs in the literature. We design a threshold MFA key exchange (T-MFAKE) protocol built on the top of a threshold oblivious pseudorandom function and an authenticated key exchange protocol. Our protocol achieves the “highest-attainable” security against all attacking attempts in the context of parties/factors being compromised/corrupted. As for efficiency, our design only requires $4+t$ exponentiations, 2 multi-exponentiations and $\mathbf {2}$ communication rounds. Compared with existing $t$ FA schemes, even the degenerated $(t,t)$ version of our protocol achieves the strongest security (stronger than most schemes) and higher efficiency on computational and communication. We instantiate our design on real-world platform to highlight its practicability and efficiency.
Highlights
M ULTI-FACTOR authentication (MFA) has been deployed in real-world applications to safeguard highvalue assets, e.g., online banking
To bring back usability and flexibility without loss of security, we introduce a new notion of authentication, called (t, n) threshold MFA, that allows a user to actively choose t factors out of n based on preference
Inspired by the CK-adversary model for authenticated key exchange (AKE) [38], [39], [40] and Jarecki et al.’s security model [13] for 2FA with a password and an auxiliary device, we propose a model for threshold MFAKE (T-MFAKE) supporting various types and various numbers of factors
Summary
M ULTI-FACTOR authentication (MFA) has been deployed in real-world applications to safeguard highvalue assets, e.g., online banking. A user is required to make use of t factors, at the same time, to execute secure authentication This t-factor authentication (tFA) naturally brings more challenges, than single-factor authentication, to attackers since there are t factors that need to be compromised for an impersonation. To the best of our knowledge, only Jarecki et al [13] 2FA protocol achieves the highest attainable security Their protocol requires expensive cost in communication (10 rounds) so it is not practical for real-world applications. Our model allows attackers to control communication on public channels and to compromise any parties and factors, and considers the use of different types of factors, including passwords, devices, and biometrics. Our protocol holds against all practical and real-world attacks (except the inevitable ones), and achieves the highest attainable security w.r.t. arbitrary combination of party or factor compromise. 5) An efficient implementation and the performance evaluation are demonstrated to highlight the efficiency of our design in the real-world platform
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have