EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

Physical-Unclonable-Function-Based Lightweight Three-Factor Authentication for Multiserver Architectures

Qi Xie () and Yuanyuan Zhao
Additional contact information
Qi Xie: Key Laboratory of Cryptography of Zhejiang Province, Hangzhou Normal University, Hangzhou 311121, China
Yuanyuan Zhao: Key Laboratory of Cryptography of Zhejiang Province, Hangzhou Normal University, Hangzhou 311121, China

Mathematics, 2023, vol. 12, issue 1, 1-19

Abstract: To support more complex and robust online services, enterprise-class applications prefer to interconnect multiple servers as the pedestal to enhance the system’s interoperability. However, the multiserver architecture always struggles to reconcile the trade-off between convenience and security, leaving users exposed to a variety of network attack threats. Existing security authentication schemes based on the Chebyshev Chaotic Map for multiserver architectures cannot provide three-factor (including password, biometric feature, and smart card) security. Therefore, we propose a novel Physical-Unclonable-Function-based Lightweight Three-Factor Authentication (PUF-LTA) scheme, which can achieve three-factor security. The PUF-LTA scheme mainly includes two components: (1) PUF-assisted registration and (2) lightweight mutual authentication with one-time interaction. During the PUF-assisted registration process, to defend against side-channel attacks on smart cards, the login credentials of users are XORed with the unique identifier generated by the PUF so that the adversary cannot obtain these secret login credentials. During the lightweight mutual authentication process, we combine the Chebyshev polynomial map and symmetric encryption/decryption to negotiate the session key between users and servers, which only needs one interaction. The security performance of PUF-LTA is theoretically proved by leveraging the random oracle model. In contrast with relevant multiserver authentication schemes, PUF-LTA is more efficient and suitable for resource-constrained multiserver environments because it can ensure secure three-factor authentication and support flexible biometrics and password updates with less computation cost.

Keywords: authentication protocol; multiserver architecture; three-factor security; physical unclonable function (search for similar items in EconPapers)
JEL-codes: C (search for similar items in EconPapers)
Date: 2023
References: View references in EconPapers View complete reference list from CitEc
Citations:

Downloads: (external link)
https://www.mdpi.com/2227-7390/12/1/79/pdf (application/pdf)
https://www.mdpi.com/2227-7390/12/1/79/ (text/html)

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:gam:jmathe:v:12:y:2023:i:1:p:79-:d:1307445

Access Statistics for this article

Mathematics is currently edited by Ms. Emma He

More articles in Mathematics from MDPI
Bibliographic data for series maintained by MDPI Indexing Manager ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-03-19
Handle: RePEc:gam:jmathe:v:12:y:2023:i:1:p:79-:d:1307445