Go to NSS 2018 homepageA Provably-Secure Two-Factor Authenticated Key Exchange Protocol with Stronger Anonymity
Abstract: Authentication is an effective mechanism for determining whether a user is unauthorized to access to the device and/or online account. In addition, users may also be concerned about preserving their online privacy (e.g. identity, and individual preferences). Conventional anonymous two-factor authenticated key exchange (AKE) protocols only guarantee user anonymity against an external adversary, although user identity may be easily learned by a malicious insider (e.g. server), and the latter may also trace the user’s activities and analyze the user’s individual preferences for illicit financial gains. To address this problem, we propose a novel anonymous two-factor AKE protocol, which achieves stronger anonymity in the sense that no useful information about the user’s identity is revealed to either an adversary or the server. We then give a formal security proof of the protocol in the random oracle model.
0 Replies
Loading