Your browser does not support JavaScript!
http://iet.metastore.ingenta.com
1887

access icon free A secure data backup scheme using multi-factor authentication

Sensitive data stored in laptops or other mobile devices can easily be lost, stolen, misplaced or corrupted, the remote backup storage technique is used to address these issues; however, the backup server could not be fully trusted, the data should be encrypted in advance. Although the key is more easily protected due to the smaller size compared with the backup data, it is still impossible for ordinary human to remember. A user-centred design data backup scheme is proposed using multi-factor authentication. The user firstly selects a symmetrical key and divides it into three shares, then destroys the key. The key can easily be reconstructed by combining the shares stored in the user's smart card and the laptop. Even if the smart card or laptop is lost, the key can still be recovered with the password and biometrics. The proposed scheme not only achieves the required security goals but also is more robust and practical.

References

    1. 1)
      • 16. Li, X., Niu, J., Khan, M.K., et al: ‘Robust biometrics based three-factor remote user authentication scheme with key agreement’. Biometrics and Security Technologies (ISBAST), 2013 Int. Symp. on. IEEE, 2013, pp. 105110.
    2. 2)
      • 33. Wu, T., Tseng, Y.: ‘An efficient user authentication and key exchange protocol for mobile client-server environment’, Comput. Netw., 2010, 54, (9), pp. 15201530.
    3. 3)
      • 21. Wang, D., Jian, G., Huang, X., et al: ‘Zipf's law in passwords’, Tech. Rep., Cryptology ePrint Archive, Report 2014/631, 2014.
    4. 4)
      • 20. Wang, X., Zhang, W., Zhang, J., et al: ‘Cryptanalysis and improvement on two efficient remote user authentication scheme using smart cards’, Comp. Stand. Interf., 2007, 29, (5), pp. 507512.
    5. 5)
      • 15. Chaturvedi, A., Mishra, D., Mukhopadhyay, S.: ‘Improved biometric-based three-factor remote user authentication scheme with key agreement using smart card’. ICISS, 2013, Proc. of the 9th Int. Conf. on Information Systems Security (LNCS, 8303), pp. 6377.
    6. 6)
      • 1. Wei, L., Zhu, H., Cao, Z., et al: ‘Security and privacy for storage and computation in cloud computing’, Inf. Sci., 2014, 258, (3), pp. 371386.
    7. 7)
      • 29. Jain, A., Ross, A., Nandakumar, K.: ‘Introduction to biometrics’ (Springer Press, 2011, 1st edn.).
    8. 8)
      • 26. He, D., Zhang, Y., Chen, J.: ‘Robust biometric-based user authentication scheme for wireless sensor networks’, Ad Hoc Sens. Wirel. Netw., 2015, 25, (3–4), pp. 309321.
    9. 9)
      • 8. Harn, L.: ‘Comments on ‘fair (t, n) threshold secret sharing scheme’’, Inf. Sec., 2014, 8, (6), pp. 303304.
    10. 10)
      • 3. Katz, J., Lindell, Y.: ‘Introduction to modern cryptography’ (CRC Press, 2007).
    11. 11)
      • 5. Chang, C., Chou, Y., Sun, C.: ‘Novel and practical scheme based on secret sharing for laptop data protection’, Inf. Sec., 2015, 9, (2), pp. 100107.
    12. 12)
      • 31. Burrows, M., Abadi, M., Needham, R.: ‘A logic of authentication’, ACM Trans. Comp. Syst., 1990, 8, (1), pp. 16.
    13. 13)
      • 10. Lin, C., Lai, Y.: ‘A flexible biometric remote user authentication scheme’, Comp. Stand. Interf., 2004, 27, (1), pp. 1923.
    14. 14)
      • 25. Shen, H., Cao, C., He, D., et al: ‘New biometrics-based authentication scheme for multi-server environment in critical systems’, J Ambient Intell Humaniz Comput, 2015, 6, (6), pp. 825834.
    15. 15)
      • 30. Dodis, Y., Reyzin, L.: ‘Fuzzy extractors: how to generate strong keys from biometrics and other noisy data’, SIAM J. Comput., 2008, 38, (1), pp. 97139.
    16. 16)
      • 18. Sarvabhatla, M., Giri, M., Vorugunti, C.S.: ‘A secure biometrics-based remote user authentication scheme for secure data exchange’. Embedded Systems (ICES), 2014 Int. Conf. on. IEEE, 2014, pp. 110115.
    17. 17)
      • 2. Weinman, J.: ‘The future of cloud computing’, Expert Group Report European Commission, 2010, 3, (1), pp. 4768.
    18. 18)
      • 9. Huang, X., Xiang, Y., Chonka, A., et al: ‘A generic framework for three-factor authentication: preserving security and privacy in distributed systems’, Trans. Parallel Distrib. Syst., 2011, 22, (8), pp. 13901397.
    19. 19)
      • 22. Jiang, Q., Wei, F., Fu, S., et al: ‘Robust extended chaotic maps-based three-factor authentication scheme preserving biometric template privacy’, Nonlinear Dyn., 2016, 83, (4), pp. 20852104.
    20. 20)
      • 19. Lamport, L.: ‘Password authentication with insecure communication’, ACM Commun., 1981, 24, (11), pp. 770772.
    21. 21)
      • 7. Tian, Y., Ma, J., Peng, C., et al: ‘Fair (t, n) threshold secret sharing scheme’, Inf. Sec., 2013, 7, (2), pp. 106112.
    22. 22)
      • 32. ‘Crypto++ Library 5.6.3’, http://www.cryptopp.com, accessed at 20 May2016.
    23. 23)
      • 4. Das, A.K.: ‘Analysis and improvement on an efficient biometric-based remote user authentication scheme using smart cards’, Inf. Sec., 2011, 5, (3), pp. 145151.
    24. 24)
      • 27. Om, H., Reddy, M.: ‘Geometric based remote password authentication using biometrics’, J. Discrete Math. Sci. Cryptogr., 2013, 16, (4), pp. 207220.
    25. 25)
      • 23. Wang, D., Ma, C.: ‘Robust smart card based password authentication scheme against smart card security breach’, Cryptology ePrint Archive, Report 2012/439, 2012 (http://eprint.iacr.org/2012/439.pdf)..
    26. 26)
      • 12. Li, C., Hwang, M.: ‘An efficient biometric-based remote authentication scheme using smart cards’, J. Netw. Comput. Appl., 2010, 33, (1), pp. 15.
    27. 27)
      • 13. An, Y.: ‘Security analysis and enhancements of an effective biometric-based remote user authentication scheme using smart cards’, Biomed. Res. Int., 2011, 2012, (4), pp. 213219.
    28. 28)
      • 17. Mathew, H.M., Raj, S.B.E., Gundapu, P.S.J., et al: ‘An improved three-factor authentication scheme using smart card with biometric privacy protection’. Electronics Computer Technology (ICECT), 2011 3rd Int. Conf. on. IEEE, 2011, pp. 220223.
    29. 29)
      • 11. Khan, M.K., Zhang, J., Wang, X.: ‘Chaotic hash-based fingerprint biometric remote user authentication scheme on mobile devices’, Chaos Soliton Fract., 2008, 35, (3), pp. 519524.
    30. 30)
      • 28. Das, A., Goswami, A.: ‘A robust anonymous biometric-based remote user authentication scheme using smart cards’, J. King Saud Univ. –Comp. Inf. Sci., 2015, 27, (2), pp. 193210.
    31. 31)
      • 6. Shamir, A.: ‘How to share a secret’, ACM Commun., 1979, 22, (11), pp. 612613.
    32. 32)
      • 34. He, D., Zeadally, S., Kumar, N., et al: ‘Efficient and anonymous mobile user authentication protocol using self-certified public key cryptography for multi-server architectures’, IEEE Trans. Inf. Forensics Security, 2016, 11, (9), pp. 20522064.
    33. 33)
      • 14. Khan, M., Kumari, S.: ‘An improved biometrics-based remote user authentication scheme with user anonymity’, Biomed. Res. Int., 2013, 2013, (10), pp. 10101014.
    34. 34)
      • 24. Aloul, F., Zahidi, S., El-Hajj, W.: ‘Two factor authentication using mobile phones’. Computer Systems and Applications, 2009. AICCSA 2009. IEEE/ACS Int. Conf. on. IEEE, 2009, pp. 641644.
http://iet.metastore.ingenta.com/content/journals/10.1049/iet-ifs.2016.0103
Loading

Related content

content/journals/10.1049/iet-ifs.2016.0103
pub_keyword,iet_inspecKeyword,pub_concept
6
6
Loading
This is a required field
Please enter a valid email address