CFP last date
20 August 2024
Call for Paper
September Edition
IJCA solicits high quality original research papers for the upcoming September edition of the journal. The last date of research paper submission is 20 August 2024

Submit your paper
Know more
The week's pick
Responsive image
Implementation of Polynomial Regression using Least Squares and Gradient Descent in Python

Ahmad Farhan AlShammari
Random Articles
Reseach Article

Enhanced Biometric Key Exchange Protocol (EBKEP) with TOTP for 2FA

by Mohamed Amer, Sayed Abdel Gaber, Tarek S. Sobh
journal cover thumbnail

International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 186 - Number 29
Year of Publication: 2024
Authors: Mohamed Amer, Sayed Abdel Gaber, Tarek S. Sobh
10.5120/ijca2024923807

Mohamed Amer, Sayed Abdel Gaber, Tarek S. Sobh . Enhanced Biometric Key Exchange Protocol (EBKEP) with TOTP for 2FA. International Journal of Computer Applications. 186, 29 ( Jul 2024), 34-40. DOI=10.5120/ijca2024923807

@article{ 10.5120/ijca2024923807,
author = { Mohamed Amer, Sayed Abdel Gaber, Tarek S. Sobh },
title = { Enhanced Biometric Key Exchange Protocol (EBKEP) with TOTP for 2FA },
journal = { International Journal of Computer Applications },
issue_date = { Jul 2024 },
volume = { 186 },
number = { 29 },
month = { Jul },
year = { 2024 },
issn = { 0975-8887 },
pages = { 34-40 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume186/number29/enhanced-biometric-key-exchange-protocol-ebkep-with-totp-for-2fa/ },
doi = { 10.5120/ijca2024923807 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-07-26T23:00:28.756031+05:30
%A Mohamed Amer
%A Sayed Abdel Gaber
%A Tarek S. Sobh
%T Enhanced Biometric Key Exchange Protocol (EBKEP) with TOTP for 2FA
%J International Journal of Computer Applications
%@ 0975-8887
%V 186
%N 29
%P 34-40
%D 2024
%I Foundation of Computer Science (FCS), NY, USA
Abstract

The increasing computational power and advent of quantum computing necessitate advancements in cryptographic protocols. This paper presents the Enhanced Biometric Key Exchange Protocol (EBKEP) with Time-Based One-Time Password (TOTP) generation for two-factor authentication (2FA), leveraging the uniqueness of biometric data combined with advanced cryptographic techniques. Using face recognition as a case study, EBKEP aims to provide a secure, efficient, and user-friendly method for key exchange, ensuring robust security even in the face of emerging quantum threats. This paper details the design, implementation, quality checks, and security features of EBKEP, highlighting its potential as a next-generation key exchange protocol. The results show significant improvements in security, user convenience, and performance, validated through a comprehensive test plan and procedure.

References
  1. A. Adler, R. Youmaran, and S. Loyka, "Towards a measure of biometric information," in IEEE Computer Society Conference on Computer Vision and Pattern Recognition Workshops (CVPRW), 2006, pp. 55-55.
  2. M. Bellare and P. Rogaway, "Random oracles are practical: A paradigm for designing efficient protocols," in Proceedings of the 1st ACM Conference on Computer and Communications Security, 1993, pp. 62-73.
  3. S. A. Camtepe and B. Yener, "Key distribution mechanisms for wireless sensor networks: a survey," IEEE Transactions on Mobile Computing, vol. 5, no. 4, pp. 347-361, Apr. 2006.
  4. S. Chatterjee, A. K. Das, and J. K. Sing, "A new efficient biometric-based remote user authentication scheme for multi-server environments," IEEE Systems Journal, vol. 12, no. 2, pp. 1620-1630, Jun. 2018.
  5. A. K. Das, "Analysis and improvement on an efficient biometric-based remote user authentication scheme using smart cards," IET Information Security, vol. 5, no. 3, pp. 145-151, Sept. 2011.
  6. W. Diffie and M. Hellman, "New directions in cryptography," IEEE Transactions on Information Theory, vol. 22, no. 6, pp. 644-654, Nov. 1976.
  7. J. Daugman, "How iris recognition works," IEEE Transactions on Circuits and Systems for Video Technology, vol. 14, no. 1, pp. 21-30, Jan. 2004.
  8. D. Boneh and V. Shoup, "A Graduate Course in Applied Cryptography," Draft version 0.5, 2020.
  9. R. L. Rivest, A. Shamir, and L. Adleman, "A method for obtaining digital signatures and public-key cryptosystems," Communications of the ACM, vol. 21, no. 2, pp. 120-126, Feb. 1978.
  10. S. Li and A. C. Kot, "Fingerprint combination for privacy protection," IEEE Transactions on Information Forensics and Security, vol. 8, no. 2, pp. 350-360, Feb. 2013.
  11. S. N. Gowda and S. R. R. Kumari, "Biometric authentication system: A novel design and implementation using asymmetric cryptography," in IEEE Conference on Information and Communication Technology (CICT), 2018, pp. 1-6.
  12. D. Huang and D. Hu, "A survey on hybrid secure communication protocols for Internet of Things," IEEE Internet of Things Journal, vol. 7, no. 6, pp. 4696-4706, Jun. 2020.
  13. A. Jain, A. Ross, and S. Prabhakar, "An introduction to biometric recognition," IEEE Transactions on Circuits and Systems for Video Technology, vol. 14, no. 1, pp. 4-20, Jan. 2004.
  14. H. Sellahewa and S. J. Spillman, "Image processing for secure biometrics," IEEE Signal Processing Magazine, vol. 21, no. 3, pp. 12-13, May 2004.
  15. S. Pankanti, S. Prabhakar, and A. K. Jain, "On the individuality of fingerprints," IEEE Transactions on Pattern Analysis and Machine Intelligence, vol. 24, no. 8, pp. 1010-1025, Aug. 2002.
  16. J. Bringer, H. Chabanne, and A. Patey, "Shade: Secure Hamming distance computation from encrypted data," in Financial Cryptography and Data Security, Springer, 2013, pp. 164-176.
  17. M. Bellare, D. Pointcheval, and P. Rogaway, "Authenticated key exchange secure against dictionary attacks," in Advances in Cryptology (EUROCRYPT 2000), Springer, 2000, pp. 139-155.
  18. H. M. Ng, S. T. Shen, and H. W. Tang, "Biometric key exchange protocols," in IEEE International Conference on Communications (ICC), 2018, pp. 1-6.
  19. P. Tuyls, A. H. Makkouk, and E. Marechal, "Cryptographic key generation from biometric data using lattice quantization," in IEEE International Conference on Acoustics, Speech, and Signal Processing (ICASSP), 2007, pp. 129-132.
  20. Y. Dodis, L. Reyzin, and A. Smith, "Fuzzy extractors: How to generate strong keys from biometrics and other noisy data," SIAM Journal on Computing, vol. 38, no. 1, pp. 97-139, Mar. 2008.
  21. Nguyen, D. T., & Bai, L. (2021). Deep Learning-Based Biometric Authentication: A Survey. IEEE Transactions on Biometrics, Behavior, and Identity Science.
  22. Zheng, L., & Jin, Z. (2022). Enhancing Biometric Authentication Using Deep Convolutional Neural Networks. Pattern Recognition Letters.
  23. Krawczyk, H., Bellare, M., & Canetti, R. (1997). HMAC: Keyed-Hashing for Message Authentication. RFC 2104.
  24. Shi, E., & Perrig, A. (2006). Designing Secure Sensor Networks. IEEE Wireless Communications.
  25. Bonneau, J., Herley, C., Van Oorschot, P. C., & Stajano, F. (2012). The Quest to Replace Passwords: A Framework for Comparative Evaluation of Web Authentication Schemes. IEEE Symposium on Security and Privacy.
  26. Song, J., & Ahn, G. (2016). Secure Two-Factor Authentication Using TOTP and QR Code. Journal of Information Security and Applications.
  27. Deng, J., Guo, J., Xue, N., & Zafeiriou, S. (2019). ArcFace: Additive Angular Margin Loss for Deep Face Recognition. CVPR.
Index Terms

Computer Science
Information Sciences

Keywords

Biometric Key Exchange Face Recognition Time-Based One-Time Password (TOTP) Two-Factor Authentication (2FA) Cryptographic Protocols Quantum Secure

Powered by PhDFocusTM