A data key management scheme based on multifactor authentication and key agreement
While remote storage technology for private data can provide convenience for users,the risk of interception attacks on private data during transmission is also increased.To improve security,sensitive data should be encrypted before uploading to remote devices.So,how to manage the secure key efficiently and reliably is very significant to data security.Multi-factor authentication is one of the key technologies to ensure the security of data transmission,and it has been widely applied in security fields,such as privacy data protection,access rights management,and online payment,etc.To ad-dress these problems,a key storage strategy based on multi-factor authentication is proposed to en-hance secure key management.First,the key is split using chamir(2,3)based on the indentified device indentity information.Second,it encrypts the identity information of the devices using public key encryption,and concels a share of the secure key derived from Shamir's secret sharing,as well as the private key used in public key encryption,through the user's private login password and biometric feature.Finally,all of the above information related to the secure key is processed by a series of com-putations and then are stored in the designated devices,respectively.Analysis in theory shows that our framework possesses the advantages of flexible authentication,efficient and reliable key manage-ment,and secure communication.Moreover,to further illustrate the effectiveness of the approach,experiments on BAN logic analysis and heuristic security analysis were carried out.The experimental results show that the proposed framework can negotiate session keys securely and resist various known attacks.
privacy data protectionmulti-factor authenticationpublic key encryptionBAN Logic
万方数据
维普
