Multifactor Authentication

4.3. Proposed MFA Solution for V2X Applications

4.3.1. Factor Mismatch

Assuming that the number of factors in our system is $l=4,$ the system secret $S$ can be represented in a simplified way as a group of

$S \leftarrow\left[\begin{array}{llll} F_{1} & F_{2} & F_{3} & F_{4} \end{array}\right]$

Here, if any of $S_{i}$ are modified-the secret recovery mechanism would fail. An improvement to this algorithm is delivered by providing separate system solutions $\bar{S}_{i}$ for a lower number of factors collected. Basically, for $\bar{l}=3,$ the number of possible combinations of factors with one missing is equal to four, as follows

$\begin{array}{l} \overline{S_{1}} \leftarrow\left[\begin{array}{lll} F_{1} & F_{2} & F_{3} \end{array}\right] \\ \overline{S_{2}} \leftarrow\left[\begin{array}{lll} F_{1} & F_{3} & F_{4} \end{array}\right] \\ \overline{S_{3}} \leftarrow\left[\begin{array}{lll} F_{1} & F_{2} & F_{4} \end{array}\right] \\ \overline{S_{3}} \leftarrow\left[\begin{array}{lll} F_{2} & F_{3} & F_{4} \end{array}\right] \end{array}$

The device may thus grant access based on a predefined risk function policy. As the second benefit, it can inform the user (or the authority) that a particular factor $F_{i}$ has to be updated based on the failed $S_{i}$ combination. Indeed, this modification brings only marginal transmission overheads, but, on the other hand, enables higher flexibility in authentication and missing factor validation.