Enhanced secure data backup scheme using multi-factor authentication

6Citations
Citations of this article
15Readers
Mendeley users who have this article in their library.

Abstract

Remote data backup technology facilitates data storage for users. However, an attacker may intercept some sensitive data on transfer. To solve this problem, sensitive data should be encrypted before uploading to the remote storage. Thus, protecting the secret encryption key is very important. Liu et al. have designed a scheme to protect the secret key using the secret-sharing method and multi-factor authentication. Unfortunately, the authors find some security weaknesses of Liu et al.'s scheme. Liu et al.'s scheme cannot resist offline password guessing attack, the server impersonation attack, the user impersonation attack and an attacker updating password/biometrics attack. They present an enhanced secure data backup scheme using multi-factor authentication to overcome all above-mentioned security threats. The user first divided a secret used to encrypt sensitive data into three shares using Shamir's secret sharing. Moreover, then the user uses the own password and biometrics to hide the true shares, and stores the pseudo three shares in the smart card, the laptop and the server, separately. Furthermore, the proposed scheme is illustrated in detail, and they give a security comparison of their scheme with Liu et al.'s scheme and computational costs.

Cite

CITATION STYLE

APA

Hu, H., Lin, C., Chang, C. C., & Chen, L. (2019). Enhanced secure data backup scheme using multi-factor authentication. IET Information Security, 13(6), 649–658. https://doi.org/10.1049/iet-ifs.2018.5380

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free