Affiliation:
1. Key Laboratory of Trustworthy Distributed Computing and Service (MoE), Beijing University of Posts and Telecommunications, Beijing 100876, China
2. RIOH High Science and Technology Group, Beijing 100088, China
3. School of Computer Science and Technology, Harbin Institute of Technology, Shenzhen 518055, China
Abstract
The rapid development of mobile computing (e.g., mobile health, mobile payments, and smart homes) has brought great convenience to our lives. It is well-known that the security and privacy of user information from these applications and services is critical. Without the prevention provided by an authentication mechanism, safety vulnerabilities may accumulate, such as illegal intrusion access resulting in data leakage and fraudulent abuse. Luckily, the two-factor authentication (2FA) protocols can secure access and communication for mobile computing. As we understand it, existing 2FA authentication protocols weaken security in the pursuit of high efficiency. How efficiency can be achieved while preserving the protocol’s security remains a challenge. In this study, we designed a robust and effective 2FA protocol based on elliptic curve cryptography (ECC) for authentication of users and service providers. We proved the robustness (respectively, the effectiveness) of the presented protocol with the heuristic analysis and security verification provided by the ProVerif tool (respectively, with a performance comparison based on six schemes). Performance comparisons in terms of message rounds, communication, and computation overheads showed that our scheme was superior to the exiting schemes or comparable as a whole; i.e., only two rounds, 1376 bits, and 1.818 ms were required in our scheme, respectively. The evaluation results showed that the proposed 2FA protocol provides a better balance between security and availability compared to state-of-the-art protocols.
Funder
National Natural Science Foundation of China
National Key Research and Development Program of China
Subject
Fluid Flow and Transfer Processes,Computer Science Applications,Process Chemistry and Technology,General Engineering,Instrumentation,General Materials Science
Reference60 articles.
1. O’Dea, S. (2021, April 02). Forecast Number of Mobile Users Worldwide 2020–2025. Available online: https://www.statista.com/statistics/218984/number-of-globalmobile-users-since-2010.
2. (2023, February 10). Available online: http://px.tcnet.com.cn/news/industry/2568.html.
3. (2020, September 02). Available online: http://www.360doc.com/content/20/0901/16/71368091_933437844.shtml.
4. Secure three-factor user authentication scheme for renewable-energy-based smart grid environment;Wazid;IEEE Trans. Ind. Inform.,2017
5. A provably secure three-factor session initiation protocol for multimedia big data communications;Islam;IEEE Internet Things J.,2017
Cited by
1 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献