CFP last date
20 December 2024
Reseach Article

Mitigating Vulnerabilities in 3-Factor based Authentication

by Yogita Borse, Irfan Siddavatam
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 76 - Number 10
Year of Publication: 2013
Authors: Yogita Borse, Irfan Siddavatam
10.5120/13283-0678

Yogita Borse, Irfan Siddavatam . Mitigating Vulnerabilities in 3-Factor based Authentication. International Journal of Computer Applications. 76, 10 ( August 2013), 19-23. DOI=10.5120/13283-0678

@article{ 10.5120/13283-0678,
author = { Yogita Borse, Irfan Siddavatam },
title = { Mitigating Vulnerabilities in 3-Factor based Authentication },
journal = { International Journal of Computer Applications },
issue_date = { August 2013 },
volume = { 76 },
number = { 10 },
month = { August },
year = { 2013 },
issn = { 0975-8887 },
pages = { 19-23 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume76/number10/13283-0678/ },
doi = { 10.5120/13283-0678 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T21:45:33.037657+05:30
%A Yogita Borse
%A Irfan Siddavatam
%T Mitigating Vulnerabilities in 3-Factor based Authentication
%J International Journal of Computer Applications
%@ 0975-8887
%V 76
%N 10
%P 19-23
%D 2013
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Remote user authentication schemes are use to identify a user in the distributed environment. There are three different factors commonly use for authentication purpose named as password, smart card and biometric. It is been observed that authentication protocols designed till date are based on password. Normally, password is used as a first authentication factor, where as other two factors are included according to the level of security requirements. In this paper, analysis of 3-factor based protocols is done on the basis of wrong password input and stolen smart card vulnerabilities. Paper also suggest the improvements to control these vulnerabilities.

References
  1. Leslie Lamport. Password authentication with insecure communication. Commun. ACM, 24(11):770–772, November 1981.
  2. Seung Wook Jung and Souhwan Jung. Secure password authentication for distributed computing. In Computational Intelligence and Security, 2006 International Conference on, volume 2, pages 1345–1350, 2006.
  3. Chun-Ta Li and Min-Shiang Hwang. An efficient biometrics-based remote user authentication scheme using smart cards. J. Netw. Comput. Appl. , 33(1):1–5, January 2010.
  4. Narn-Yih Lee and Yu-Chung Chiu. Improved remote authentication scheme with smart card. Computer Standards & Interfaces, 27(2):177–180, 2005.
  5. Jing Xu, Wen-Tao Zhu, and Deng-Guo Feng. An improved smart card based password authentication scheme with provable security. Comput. Stand. Interfaces, 31(4):723–728, June 2009.
  6. Ronggong Song. Advanced smart card based password authentication protocol. Comput. Stand. Interfaces, 32(5-6):321–325, October 2010.
  7. J. K. Lee, S. R. Ryu, and K. Y. Yoo. Fingerprint-based remote user authentication scheme using smart cards. Electronics Letters, 38(12):554–555, 2002.
  8. Chu-Hsing Lin and Yi-Yi Lai. A flexible biometrics remote user authentication scheme. Computer Standards & Interfaces, 27(1):19–23, 2004.
  9. Muhammad Khurram Khan and Jiashu Zhang. Improving the security of 'a flexible biometrics remote user authentication scheme'. Computer Standards and Interfaces, pages 82–85, 2007.
  10. A. K. Das. Analysis and improvement on an efficient biometric-based remote user authentication scheme using smart cards. Information Security, IET, 5(3):145–151, 2011.
  11. Paul C. Kocher, Joshua Jaffe, and Benjamin Jun. Differential power analysis. In Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology, CRYPTO '99, pages 388–397, London, UK, UK, 1999. Springer-Verlag.
  12. Thomas S. Messerges, Ezzat A. Dabbish, and Robert H. Sloan. Examining smart-card security under the threat of power analysis attacks. IEEE Trans. Comput. , 51(5):541–552, May 2002.
Index Terms

Computer Science
Information Sciences

Keywords

password vulnerability authentication biometrics smart cards 3-factor authentication.