Authenticated key exchange (AKE) is one of the most important applications in applied cryptography, where a user interacts with a server to set up a session key where pre-registered information (aka. authentication factor), such as a password or biometrics, of the user is stored. While single-factor AKE is widely used in practice, higher security concerns call for multi-factor AKE schemes, e.g. combining both passwords and biometrics and device simultaneously. However, in some schemes, security

more »

... is even weakened in the sense that leakage of one authentication factor will defeat the whole authentication process. Furthermore, an inevitable by-product arises that the usability of the protocol often drops greatly. To summarize, the existing multi-factor protocols did not provide enough security and efficiency simultaneously. Here, we make one step ahead by proposing a very efficient authentication method. We define the security model and give the according security analysis. To overcome the security issues proposed method implements textual, graphical, and biometric and device password to access the user accounts and an efficient AES algorithm for data transaction which is more secured algorithm is used.