A digital signature scheme secure against adaptive chosen-message attacks
SIAM Journal on Computing - Special issue on cryptography
Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Encrypted Key Exchange: Password-Based Protocols SecureAgainst Dictionary Attacks
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
Public Key Cryptography - PKC 2005: 8th International Workshop on Theory and Practice in Public Key Cryptography (Lecture Notes in Computer Science)
The Emperor's New Security Indicators
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Authenticated key exchange secure against dictionary attacks
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Provably secure password-authenticated key exchange using Diffie-Hellman
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Stronger security of authenticated key exchange
ProvSec'07 Proceedings of the 1st international conference on Provable security
Multi-factor authenticated key exchange
ACNS'08 Proceedings of the 6th international conference on Applied cryptography and network security
Formal analysis and systematic construction of two-factor authentication scheme (short paper)
ICICS'06 Proceedings of the 8th international conference on Information and Communications Security
One-Time verifier-based encrypted key exchange
PKC'05 Proceedings of the 8th international conference on Theory and Practice in Public Key Cryptography
Universally composable password-based key exchange
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
A method for making password-based key exchange resilient to server compromise
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
An optimized two factor authenticated key exchange protocol in PWLANs
ICCS'06 Proceedings of the 6th international conference on Computational Science - Volume Part II
| Hi-index | 0.00 |
We consider a new form of authenticated key exchange which we call multi-factor password-authenticated key exchange, where session establishment depends on successful authentication of multiple short secrets that are complementary in nature, such as a long-term password and a one-time response, allowing the client and server to be mutually assured of each other's identity without directly disclosing private information to the other party. Multi-factor authentication can provide an enhanced level of assurance in higher-security scenarios such as online banking, virtual private network access, and physical access because a multi-factor protocol is designed to remain secure even if all but one of the factors has been compromised. We introduce a security model for multi-factor password-authenticated key exchange protocols, propose an efficient and secure protocol called MFPAK, and provide a security argument to show that our protocol is secure in this model. Our security model is an extension of the Bellare-Pointcheval-Rogaway security model for password-authenticated key exchange and accommodates an arbitrary number of symmetric and asymmetric authentication factors.