Efficient Multifactor Two-Server Authenticated Scheme under Mobile Cloud Computing
Wireless Communications and Mobile Computing
Because the authentication method based on username-password has the disadvantage of easy disclosure and low reliability and the excess password management degrades the user experience tremendously, the user is eager to get rid of the bond of the password in order to seek a new way of authentication. Therefore, the multifactor biometrics-based user authentication wins the favor of people with advantages of simplicity, convenience, and high reliability. Now the biometrics-based (especially the
... ngerprint information) authentication technology has been extremely mature, and it is universally applied in the scenario of the mobile payment. Unfortunately, in the existing scheme, biometric information is stored on the server side. As thus, once the server is hacked by attackers to cause the leakage of the fingerprint information, it will take a deadly threat to the user privacy. Aiming at the security problem due to the fingerprint information in the mobile payment environment, we propose a novel multifactor two-server authenticated scheme under mobile cloud computing (MTSAS). In the MTSAS, it divides the authentication method and authentication means; in the meanwhile, the user's biometric characteristics cannot leave the user device. Thus, MTSAS avoids the fingerprint information disclosure, protects user privacy, and improves the security of the user data. In the same time, considering user actual requirements, different authentication factors depending on the privacy level of authentication are chosen. Security analysis proves that MTSAS has achieved the authentication purpose and met security requirements by the BAN logic. In comparison with other schemes, the result shows that MTSAS not only has the reasonable computational efficiency, but also keeps the superior communication cost.