Journal
IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY
Volume 9, Issue 12, Pages 2302-2313Publisher
IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC
DOI: 10.1109/TIFS.2014.2362979
Keywords
Authentication; security; privacy; password; smart card; biometrics
Funding
- University of Birmingham under EPSRC [EP/H005501/1]
- National Natural Science Fundation of China [61202475]
- EPSRC [EP/L001802/1, EP/H005501/1] Funding Source: UKRI
- Engineering and Physical Sciences Research Council [EP/L001802/1, EP/H005501/1] Funding Source: researchfish
Ask authors/readers for more resources
Remote authentication has been widely studied and adapted in distributed systems. The security of remote authentication mechanisms mostly relies on one of or the combination of three factors: 1) something users know-password; 2) something users have-smart card; and 3) something users are-biometric characteristics. This paper introduces an efficient generic framework for three-factor authentication. The proposed generic framework enhances the security of existing two-factor authentication schemes by upgrading them to three-factor authentication schemes, without exposing user privacy. In addition, we present a case study by upgrading a secure two-factor authentication scheme to a secure three-factor authentication scheme. Furthermore, implementation analysis, formal proof, and privacy discussion are provided to show that the derived scheme is practical, secure, and privacy preserving.
Authors
I am an author on this paper
Click your name to claim this paper and add it to your profile.
Reviews
Recommended
No Data Available