Anonymous Two-Factor Authentication in Distributed Systems: Certain Goals Are Beyond Attainment

Ding Wang, Debiao He, Ping Wang, Chao Hsien Chu

Research output: Contribution to journal › Article

192 Citations (Scopus)

Abstract

Despite two decades of intensive research, it remains a challenge to design a practical anonymous two-factor authentication scheme, for the designers are confronted with an impressive list of security requirements (e.g., resistance to smart card loss attack) and desirable attributes (e.g., local password update). Numerous solutions have been proposed, yet most of them are shortly found either unable to satisfy some critical security requirements or short of a few important features. To overcome this unsatisfactory situation, researchers often work around it in hopes of a new proposal (but no one has succeeded so far), while paying little attention to the fundamental question: whether or not there are inherent limitations that prevent us from designing an "ideal" scheme that satisfies all the desirable goals? In this work, we aim to provide a definite answer to this question. We first revisit two foremost proposals, i.e. Tsai et al.'s scheme and Li's scheme, revealing some subtleties and challenges in designing such schemes. Then, we systematically explore the inherent conflicts and unavoidable trade-offs among the design criteria. Our results indicate that, under the current widely accepted adversarial model, certain goals are beyond attainment. This also suggests a negative answer to the open problem left by Huang et al. in 2014. To the best of our knowledge, the present study makes the first step towards understanding the underlying evaluation metric for anonymous two-factor authentication, which we believe will facilitate better design of anonymous two-factor protocols that offer acceptable trade-offs among usability, security and privacy.

Original language: English (US)
Article number: 6894170
Pages (from-to): 428-442
Number of pages: 15
Journal: IEEE Transactions on Dependable and Secure Computing
Volume: 12
Issue number: 4
DOI: 10.1109/TDSC.2014.2355850
State: Published - Jul 2015

Fingerprint

Authentication
Smart cards

All Science Journal Classification (ASJC) codes

  • Electrical and Electronic Engineering

Cite this

@article{119013a69a3a41e98a3f211670c9e88d,
title = "Anonymous Two-Factor Authentication in Distributed Systems: Certain Goals Are Beyond Attainment",
author = "Ding Wang and Debiao He and Ping Wang and Chu, {Chao Hsien}",
year = "2015",
month = "7",
doi = "10.1109/TDSC.2014.2355850",
language = "English (US)",
volume = "12",
pages = "428--442",
journal = "IEEE Transactions on Dependable and Secure Computing",
issn = "1545-5971",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
number = "4",

}

Anonymous Two-Factor Authentication in Distributed Systems: Certain Goals Are Beyond Attainment. / Wang, Ding; He, Debiao; Wang, Ping; Chu, Chao Hsien.

In: IEEE Transactions on Dependable and Secure Computing, Vol. 12, No. 4, 6894170, 07.2015, p. 428-442.

TY - JOUR

T1 - Anonymous Two-Factor Authentication in Distributed Systems

T2 - Certain Goals Are Beyond Attainment

AU - Wang, Ding

AU - He, Debiao

AU - Wang, Ping

AU - Chu, Chao Hsien

PY - 2015/7

Y1 - 2015/7

UR - http://www.scopus.com/inward/record.url?scp=84975275069&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84975275069&partnerID=8YFLogxK

U2 - 10.1109/TDSC.2014.2355850

DO - 10.1109/TDSC.2014.2355850

M3 - Article

AN - SCOPUS:84975275069

VL - 12

SP - 428

EP - 442

JO - IEEE Transactions on Dependable and Secure Computing

JF - IEEE Transactions on Dependable and Secure Computing

SN - 1545-5971

IS - 4

M1 - 6894170

ER -