Cryptology ePrint Archive: Report 2018/033

Two-Factor Authentication with End-to-End Password Security

Stanislaw Jarecki and Hugo Krawczyk and Maliheh Shirvanian and Nitesh Saxena

Abstract: We present a secure two-factor authentication (TFA) scheme based on the possession by the user of a password and a crypto-capable device. Security is ``end-to-end" in the sense that the attacker can attack all parts of the system, including all communication links and any subset of parties (servers, devices, client terminals), can learn users' passwords, and perform active and passive attacks, online and offline. In all cases the scheme provides the highest attainable security bounds given the set of compromised components.

Our solution builds a TFA scheme using any Device-Enhanced PAKE, defined by Jarecki et al., and any Short Authenticated String (SAS) Message Authentication, defined by Vaudenay. We show an efficient instantiation of this modular construction which utilizes any password-based client-server authentication method, with or without reliance on public-key infrastructure. The security of the proposed scheme is proven in a formal model that we formulate as an extension of the traditional PAKE model.

We also report on a prototype implementation of our schemes, including TLS-based and PKI-free variants, as well as several instantiations of the SAS mechanism, all demonstrating the practicality of our approach.

Category / Keywords: cryptographic protocols / password authentication, two-factor authentication, short authenticated string model

Original Publication (with major differences): IACR-PKC-2018

Date: received 7 Jan 2018, last revised 8 Jan 2018

Contact author: stanislawjarecki at gmail com

Available format(s): PDF | BibTeX Citation

Version: 20180109:050230 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]