Modular Design and Analysis Framework for Multi-Factor Authentication and Key Exchange
An authentication factor is used to produce some evidence that an entity at the end of the communication channel is the one which it claims to be. Modern computer security knows different types of authentication factors, all of which are widely used in practice. Their standard classification considers three main groups, characterized by the nature of provided evidence: knowledge, possession, and physical presence. Multi-Factor Authentication (MFA), often coupled with Key Exchange (KE), offers very strong protection for secure communication and has been recommended by many major governmental and industrial bodies for the use in highly sensitive applications. Instantiations of the MFA concept vary in practice and in the research literature and various efforts in designing secure MFA protocols were unsuccessful.