Enhanced secure data backup scheme using multi-factor authentication

Abstract

Remote data backup technology facilitates data storage for users. However, an attacker may intercept some sensitive data on transfer. To solve this problem, sensitive data should be encrypted before uploading to the remote storage. Thus, protecting the secret encryption key is very important. Liu et al. have designed a scheme to protect the secret key using the secret-sharing method and multi-factor authentication. Unfortunately, the authors find some security weaknesses of Liu et al.'s scheme. Liu et al.'s scheme cannot resist offline password guessing attack, the server impersonation attack, the user impersonation attack and an attacker updating password/biometrics attack. They present an enhanced secure data backup scheme using multi-factor authentication to overcome all above-mentioned security threats. The user first divided a secret used to encrypt sensitive data into three shares using Shamir's secret sharing. Moreover, then the user uses the own password and biometrics to hide the true shares, and stores the pseudo three shares in the smart card, the laptop and the server, separately. Furthermore, the proposed scheme is illustrated in detail, and they give a security comparison of their scheme with Liu et al.'s scheme and computational costs.