LAUSR.org creates dashboard-style pages of related content for over 1.5 million academic articles. Sign Up to like articles & get recommendations!

An Efficient and Secure Two-Factor Password Authentication Scheme With Card Reader(Terminal) Verification

Photo from wikipedia

With regard to the privacy of client–server communication systems, most research works have concentrated on authentication to guarantee security. Among the investigated schemes, two-factor password authentication has been a major… Click to show full abstract

With regard to the privacy of client–server communication systems, most research works have concentrated on authentication to guarantee security. Among the investigated schemes, two-factor password authentication has been a major focus and has undergone considerable development. Two-factor password authentication is a process in which both a password and a physical object are used for authentication to achieve a higher level of security. However, these methods are still subject to some security vulnerabilities, such as malicious card reader attacks, man-in-the-middle attacks, and a lack of perfect forward secrecy. Moreover, although there are many evaluation criteria, there still lacks a set of universal criteria. To address these issues, a two-factor password authentication scheme is proposed in the context of practical application environment in this paper, such as side-channel attacks. Moreover, a card reader verification step is added to the authentication scheme to counteract malicious card reader attacks. In addition, the proposed scheme can resist various known attacks, including replay attacks, lost or stolen smart card attacks, and man-in-the-middle attacks. We present a detailed security analysis and comparative evaluation, and we prove the security of our scheme with Burrows–Abadi–Needham (BAN) logic. Compared with previous schemes, the main advantages of the proposed scheme are its low computational cost, guaranteed security, and better adaptability to actual client–server communication environments.

Keywords: factor password; password authentication; card reader; authentication; two factor; password

Journal Title: IEEE Access
Year Published: 2018

Link to full text (if available)


Share on Social Media:                               Sign Up to like & get
recommendations!

Related content

More Information              News              Social Media              Video              Recommended



                Click one of the above tabs to view related content.