Online Version - Last Updated - 20 Jan 2012 |
 |
| Home |
| |
| Procedures and Resources for Authors |
|
| Information and Resources for Volume Editors |
| |
| Orders and Subscriptions |
| |
| Published Articles |
|
| Upcoming Volumes |
| |
| Contact Us |
| |
| Useful External Links |
| |
| CRPIT Site Search |
Multi-Factor Password-Authenticated Key Exchange
Stebila, D., Udupi, P. and Chang, S.
We consider a new form of authenticated key exchange which we call multi-factor password- authenticated key exchange, where session establishment depends on successful authentication of multiple short secrets that are complementary in nature, such as a long-term password and a one-time response, allowing the client and server to be mutually assured of each other’s identity without directly disclosing private information to the other party.
Multi-factor authentication can provide an enhanced level of assurance in higher-security scenarios such as online banking, virtual private network access, and physical access because a multi-factor protocol is designed to remain secure even if all but one of the factors has been compromised.
We introduce a security model for multi-factor password-authenticated key exchange protocols, propose an efficient and secure protocol called MFPAK, and provide a security argument to show that our protocol is secure in this model. Our security model is an extension of the Bellare-Pointcheval-Rogaway security model for password-authenticated key exchange and accommodates an arbitrary number of symmetric and asymmetric authentication factors.
Cite as: Stebila, D., Udupi, P. and Chang, S. (2010). Multi-Factor Password-Authenticated Key Exchange. In Proc. Eighth Australasian Information Security Conference (AISC 2010) Brisbane, Australia. CRPIT, 105. Boyd, C. and Susilo, W. Eds., ACS. 56-66
(from crpit.com)
(local if available)
