A Forward-secure Efficient Two-factor Authentication Protocol

TL;DR

This paper introduces a novel forward-secure 2FA protocol that is simple, efficient, and secure against strong adversaries, requiring only one secret, no modular exponentiations, and lower communication overhead.

Contribution

It presents the first 2FA protocol that is forward-secure, resists strong adversaries, and avoids trusted chipsets, with reduced communication costs and standard model security.

Findings

Requires only one secret or PIN to authenticate.

Eliminates modular exponentiations for efficiency.

Reduces communication overhead by up to 40%.

Abstract

Two-factor authentication (2FA) schemes that rely on a combination of knowledge factors (e.g., PIN) and device possession have gained popularity. Some of these schemes remain secure even against strong adversaries that (a) observe the traffic between a client and server, and (b) have physical access to the client's device, or its PIN, or breach the server. However, these solutions have several shortcomings; namely, they (i) require a client to remember multiple secret values to prove its identity, (ii) involve several modular exponentiations, and (iii) are in the non-standard random oracle model. In this work, we present a 2FA protocol that resists such a strong adversary while addressing the above shortcomings. Our protocol requires a client to remember only a single secret value/PIN, does not involve any modular exponentiations, and is in a standard model. It is the first one that offers these features without using trusted chipsets. This protocol also imposes up to 40% lower communication overhead than the state-of-the-art solutions do.