Multi-factor authentication can provide an enhanced level of assurance in higher security scenarios such as online banking, virtual private network access, and physical access because a multi-factor protocol is designed to remain secure even if all but one of the factors has been compromised.
We introduce the first formal security model for multi-factor password-authenticated key exchange protocols, propose an efficient and secure protocol called MFPAK, and provide a formal argument to show that our protocol is secure in this model. Our security model is an extension of the Bellare-Pointcheval-Rogaway security model for password-authenticated key exchange and the formal analysis proceeds in the random oracle model.
Category / Keywords: cryptographic protocols / Publication Info: Australian Information Security Conference (AISC) 2010. CRPIT volume 105, pages 56--66. Australian Computer Society. Date: received 13 May 2008, last revised 24 Aug 2010 Contact author: douglas at stebila ca Available format(s): PDF | BibTeX Citation Note: Full version. Version: 20100825:003138 (All versions of this report) Short URL: ia.cr/2008/214 Discussion forum: Show discussion | Start new discussion