WiP: Towards Zero Trust Authentication in Critical Industrial Infrastructures with PRISM

Abstract

With the increasing threat of cyber attacks on critical infrastructures, the need for robust security measures has become more pressing. In response, decentralized secure computation has gained traction as an effective approach to minimizing the risks associated with such threats. We introduce this computation into the decentralized registration and authentication applications, and present the PRISM scheme. To ensure the security of the registration phase, the threshold secret sharing (TSS) technique is used to protect the credential against single-point failures. The threshold oblivious pseudorandom function (TOPRF) technique further enhance the security of PRISM scheme in the password-based authentication phase, by allowing the user to reconstruct the authentication messages from any subset of t parties and pass the verification. This study is a work in progress, and we are currently analyzing the detailed scheme and its security to better understand the practicality of our PRISM scheme. The theoretical security analysis demonstrates that our PRISM scheme achieves the properties of privacy preservation, unpredictability, and obliviousness. Experimental evaluation of the performance and practicability of our scheme will be presented in the full version.