http://iet.metastore.ingenta.com
1887

A secure data backup scheme using multi-factor authentication

A secure data backup scheme using multi-factor authentication

For access to this article, please select a purchase option:

Buy article PDF
£12.50
(plus tax if applicable)
Buy Knowledge Pack
10 articles for £75.00
(plus taxes if applicable)

IET members benefit from discounts to all IET publications and free access to E&T Magazine. If you are an IET member, log in to your account and the discounts will automatically be applied.

Learn more about IET membership 

Recommend Title Publication to library

You must fill out fields marked with: *

Librarian details
Name:*
Email:*
Your details
Name:*
Email:*
Department:*
Why are you recommending this title?
Select reason:
 
 
 
 
 
IET Information Security — Recommend this title to your library

Thank you

Your recommendation has been sent to your librarian.

Sensitive data stored in laptops or other mobile devices can easily be lost, stolen, misplaced or corrupted, the remote backup storage technique is used to address these issues; however, the backup server could not be fully trusted, the data should be encrypted in advance. Although the key is more easily protected due to the smaller size compared with the backup data, it is still impossible for ordinary human to remember. A user-centred design data backup scheme is proposed using multi-factor authentication. The user firstly selects a symmetrical key and divides it into three shares, then destroys the key. The key can easily be reconstructed by combining the shares stored in the user's smart card and the laptop. Even if the smart card or laptop is lost, the key can still be recovered with the password and biometrics. The proposed scheme not only achieves the required security goals but also is more robust and practical.

References

    1. 1)
      • 1. Wei, L., Zhu, H., Cao, Z., et al: ‘Security and privacy for storage and computation in cloud computing’, Inf. Sci., 2014, 258, (3), pp. 371386.
    2. 2)
      • 2. Weinman, J.: ‘The future of cloud computing’, Expert Group Report European Commission, 2010, 3, (1), pp. 4768.
    3. 3)
      • 3. Katz, J., Lindell, Y.: ‘Introduction to modern cryptography’ (CRC Press, 2007).
    4. 4)
      • 4. Das, A.K.: ‘Analysis and improvement on an efficient biometric-based remote user authentication scheme using smart cards’, Inf. Sec., 2011, 5, (3), pp. 145151.
    5. 5)
      • 5. Chang, C., Chou, Y., Sun, C.: ‘Novel and practical scheme based on secret sharing for laptop data protection’, Inf. Sec., 2015, 9, (2), pp. 100107.
    6. 6)
      • 6. Shamir, A.: ‘How to share a secret’, ACM Commun., 1979, 22, (11), pp. 612613.
    7. 7)
      • 7. Tian, Y., Ma, J., Peng, C., et al: ‘Fair (t, n) threshold secret sharing scheme’, Inf. Sec., 2013, 7, (2), pp. 106112.
    8. 8)
      • 8. Harn, L.: ‘Comments on ‘fair (t, n) threshold secret sharing scheme’’, Inf. Sec., 2014, 8, (6), pp. 303304.
    9. 9)
      • 9. Huang, X., Xiang, Y., Chonka, A., et al: ‘A generic framework for three-factor authentication: preserving security and privacy in distributed systems’, Trans. Parallel Distrib. Syst., 2011, 22, (8), pp. 13901397.
    10. 10)
      • 10. Lin, C., Lai, Y.: ‘A flexible biometric remote user authentication scheme’, Comp. Stand. Interf., 2004, 27, (1), pp. 1923.
    11. 11)
      • 11. Khan, M.K., Zhang, J., Wang, X.: ‘Chaotic hash-based fingerprint biometric remote user authentication scheme on mobile devices’, Chaos Soliton Fract., 2008, 35, (3), pp. 519524.
    12. 12)
      • 12. Li, C., Hwang, M.: ‘An efficient biometric-based remote authentication scheme using smart cards’, J. Netw. Comput. Appl., 2010, 33, (1), pp. 15.
    13. 13)
      • 13. An, Y.: ‘Security analysis and enhancements of an effective biometric-based remote user authentication scheme using smart cards’, Biomed. Res. Int., 2011, 2012, (4), pp. 213219.
    14. 14)
      • 14. Khan, M., Kumari, S.: ‘An improved biometrics-based remote user authentication scheme with user anonymity’, Biomed. Res. Int., 2013, 2013, (10), pp. 10101014.
    15. 15)
      • 15. Chaturvedi, A., Mishra, D., Mukhopadhyay, S.: ‘Improved biometric-based three-factor remote user authentication scheme with key agreement using smart card’. ICISS, 2013, Proc. of the 9th Int. Conf. on Information Systems Security (LNCS, 8303), pp. 6377.
    16. 16)
      • 16. Li, X., Niu, J., Khan, M.K., et al: ‘Robust biometrics based three-factor remote user authentication scheme with key agreement’. Biometrics and Security Technologies (ISBAST), 2013 Int. Symp. on. IEEE, 2013, pp. 105110.
    17. 17)
      • 17. Mathew, H.M., Raj, S.B.E., Gundapu, P.S.J., et al: ‘An improved three-factor authentication scheme using smart card with biometric privacy protection’. Electronics Computer Technology (ICECT), 2011 3rd Int. Conf. on. IEEE, 2011, pp. 220223.
    18. 18)
      • 18. Sarvabhatla, M., Giri, M., Vorugunti, C.S.: ‘A secure biometrics-based remote user authentication scheme for secure data exchange’. Embedded Systems (ICES), 2014 Int. Conf. on. IEEE, 2014, pp. 110115.
    19. 19)
      • 19. Lamport, L.: ‘Password authentication with insecure communication’, ACM Commun., 1981, 24, (11), pp. 770772.
    20. 20)
      • 20. Wang, X., Zhang, W., Zhang, J., et al: ‘Cryptanalysis and improvement on two efficient remote user authentication scheme using smart cards’, Comp. Stand. Interf., 2007, 29, (5), pp. 507512.
    21. 21)
      • 21. Wang, D., Jian, G., Huang, X., et al: ‘Zipf's law in passwords’, Tech. Rep., Cryptology ePrint Archive, Report 2014/631, 2014.
    22. 22)
      • 22. Jiang, Q., Wei, F., Fu, S., et al: ‘Robust extended chaotic maps-based three-factor authentication scheme preserving biometric template privacy’, Nonlinear Dyn., 2016, 83, (4), pp. 20852104.
    23. 23)
      • 23. Wang, D., Ma, C.: ‘Robust smart card based password authentication scheme against smart card security breach’, Cryptology ePrint Archive, Report 2012/439, 2012 (http://eprint.iacr.org/2012/439.pdf)..
    24. 24)
      • 24. Aloul, F., Zahidi, S., El-Hajj, W.: ‘Two factor authentication using mobile phones’. Computer Systems and Applications, 2009. AICCSA 2009. IEEE/ACS Int. Conf. on. IEEE, 2009, pp. 641644.
    25. 25)
      • 25. Shen, H., Cao, C., He, D., et al: ‘New biometrics-based authentication scheme for multi-server environment in critical systems’, J Ambient Intell Humaniz Comput, 2015, 6, (6), pp. 825834.
    26. 26)
      • 26. He, D., Zhang, Y., Chen, J.: ‘Robust biometric-based user authentication scheme for wireless sensor networks’, Ad Hoc Sens. Wirel. Netw., 2015, 25, (3–4), pp. 309321.
    27. 27)
      • 27. Om, H., Reddy, M.: ‘Geometric based remote password authentication using biometrics’, J. Discrete Math. Sci. Cryptogr., 2013, 16, (4), pp. 207220.
    28. 28)
      • 28. Das, A., Goswami, A.: ‘A robust anonymous biometric-based remote user authentication scheme using smart cards’, J. King Saud Univ. –Comp. Inf. Sci., 2015, 27, (2), pp. 193210.
    29. 29)
      • 29. Jain, A., Ross, A., Nandakumar, K.: ‘Introduction to biometrics’ (Springer Press, 2011, 1st edn.).
    30. 30)
      • 30. Dodis, Y., Reyzin, L.: ‘Fuzzy extractors: how to generate strong keys from biometrics and other noisy data’, SIAM J. Comput., 2008, 38, (1), pp. 97139.
    31. 31)
      • 31. Burrows, M., Abadi, M., Needham, R.: ‘A logic of authentication’, ACM Trans. Comp. Syst., 1990, 8, (1), pp. 16.
    32. 32)
      • 32. ‘Crypto++ Library 5.6.3’, http://www.cryptopp.com, accessed at 20 May2016.
    33. 33)
      • 33. Wu, T., Tseng, Y.: ‘An efficient user authentication and key exchange protocol for mobile client-server environment’, Comput. Netw., 2010, 54, (9), pp. 15201530.
    34. 34)
      • 34. He, D., Zeadally, S., Kumar, N., et al: ‘Efficient and anonymous mobile user authentication protocol using self-certified public key cryptography for multi-server architectures’, IEEE Trans. Inf. Forensics Security, 2016, 11, (9), pp. 20522064.
http://iet.metastore.ingenta.com/content/journals/10.1049/iet-ifs.2016.0103
Loading

Related content

content/journals/10.1049/iet-ifs.2016.0103
pub_keyword,iet_inspecKeyword,pub_concept
6
6
Loading
This is a required field
Please enter a valid email address