Robust Two-factor Smart Card Authentication

被引：0

作者：

Candan, Omer Mert ^{[1
]}

Levi, Albert ^{[1
]}

机构：

[1] Sabanci Univ, Istanbul, Turkey

来源：

2017 IEEE INTERNATIONAL BLACK SEA CONFERENCE ON COMMUNICATIONS AND NETWORKING (BLACKSEACOM) | 2017年

关键词：

Two-factor Authentication; Remote Login; Smart Card; Offline Dictionary Attack; Elliptic Curve Cryptography;

D O I：

暂无

中图分类号：

TP3 [计算技术、计算机技术];

学科分类号：

0812 ;

摘要：

Being very resilient devices, smart cards have been commonly used for two-factor authentication schemes. However, the possibility of side-channel attacks renders private data stored in the cards vulnerable to compromise. With this in mind, we propose an authentication protocol that incorporates a second factor, which is as a password, in addition to the smart card. The scheme is aimed to withstand most common security breaches as well as compromised smart card scenarios and offline dictionary attacks on the passwords. Details of a reference implementation are also given along with performance evaluation of the proposed protocol comparing to the literature. Performance analyses show that the proposed protocol outperforms existing solutions in the literature. Moreover, the computational cost of the proposed protocol is less than 2 seconds on our reference implementation that uses commercially available smart cards.

引用

页码：184 / 188

页数：5

共 12 条

[1] [Anonymous], 2010, REC ELL CURV DOM PAR
[2] Chandrakar P., 2015, 2015 IEEE INT C COMP
[3] Design of improved password authentication and update scheme based on elliptic curve cryptography
Islam, S. K. Hafizul
Biswas, G. P.
[J]. MATHEMATICAL AND COMPUTER MODELLING, 2013, 57 (11-12) : 2703 - 2717
[4] A secure remote user mutual authentication scheme using smart cards
Karuppiah, Marimuthu
Saravanan, R.
[J]. JOURNAL OF INFORMATION SECURITY AND APPLICATIONS, 2014, 19 (4-5) : 282 - 294
[5] Kocher P., 1999, Advances in Cryptology - CRYPTO'99. 19th Annual International Cryptology Conference. Proceedings, P388
[6] An enhanced smart card based remote user password authentication scheme
Li, Xiong
Niu, Jianwei
Khan, Muhammad Khurram
Liao, Junguo
[J]. JOURNAL OF NETWORK AND COMPUTER APPLICATIONS, 2013, 36 (05) : 1365 - 1371
[7] Liu Tian-hua, 2012, Journal of Applied Sciences, V30, P67, DOI 10.3969/j.issn.0255-8297.2012.01.011
[8] Examining smart-card security under the threat of power analysis attacks
Messerges, TS
Dabbish, EA
Sloan, RH
[J]. IEEE TRANSACTIONS ON COMPUTERS, 2002, 51 (05) : 541 - 552
[9] Advanced smart card based password authentication protocol
Song, Ronggong
[J]. COMPUTER STANDARDS & INTERFACES, 2010, 32 (5-6) : 321 - 325
[10] Wang D., 2012, CRYPTOLOGY EPRINT AR, P1

← 1 2 →