Security

Multi-Factor Password-Authenticated Key Exchange

Free registration required

Executive Summary

The authors consider a new form of authenticated key exchange which they call multi-factor password-authenticated key exchange, where session establishment depends on successful authentication of multiple short secrets that are complementary in nature, such as a long-term password and a one-time response, allowing the client and server to be mutually assured of each other's identity without directly disclosing private information to the other party. Multi-factor authentication can provide an enhanced level of assurance in higher-security scenarios such as online banking, virtual private network access, and physical access because a multi-factor protocol is designed to remain secure even if all but one of the factors has been compromised.

  • Format: PDF
  • Size: 403 KB