Multifactor Authentication

Authentication can be accomplished with one factor, two factors, or multiple factors. Which one is the weakest level of authentication and which is the most secure and why? When would a more secure system be required? Be able to explain these multifactor authentication methods: password protection, token presence, voice biometrics, facial recognition, ocular-based methodology, hand geometry, vein recognition, fingerprint scanner, thermal image recognition, and geographical location. What are some challenges of multiple factor authentication when using biometrics? There is a lot of interesting information covered in this article that you do not need to memorize, but that you should be aware of.

4. Enabling Flexible MFA Operation

4.1. Conventional Approach

One of the approaches considered within the scope of this work is based on utilizing Lagrange polynomials for secret sharing. The system secret S is usually "split" and distributed among a set of key holders. It could be recovered later on, as described in and numerous other works, as

\begin{array}{l} f(x)=S+a_{1} x+a_{2} x^{2}+\cdots+a_{l-1} x^{l-1} \\ f(0)=S \end{array}

where a_{i} are the generated polynomial coefficients and x is a unique identification factor F_{i}. In such systems, every key holder with a factor ID obtains its own unique key share S_{I D}=f(I D).

In conventional systems, it is required to collect any l shares \left\{S_{I D_{1}}, S_{I D_{2}}, \ldots, S_{I D_{l}}\right\} of the initial secret to unlock the system, while the curve may offer n>l points, as shown in Figure 5. The basic principle behind this approach is to specify the secret S and use the curve generated from the random coefficients a_{i} to produce the secret shares S_{i}. This methodology is successfully utilized in many secret sharing systems that employ the Lagrange interpolation formula.

Figure 5. Lagrange secret sharing scheme.
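The scheme above as a runnable sketch, added here as an illustration and not taken from the article: a secret S is split into n = 5 shares S_{ID} = f(ID), and any l = 3 of them recover f(0) = S by Lagrange interpolation. The prime modulus, the function names and the sample IDs are assumptions; the article does not specify a field.

```python
import secrets
from itertools import combinations

# Assumption: arithmetic is modulo a prime; the article does not name a field.
PRIME = 2**127 - 1  # Mersenne prime, larger than any secret used here


def split_secret(secret, l, factor_ids):
    """Return {ID: S_ID}, S_ID = f(ID), f(x) = S + a_1 x + ... + a_{l-1} x^{l-1}."""
    if not 0 <= secret < PRIME:
        raise ValueError("secret must lie in [0, PRIME)")
    ids = list(factor_ids)
    reduced = {i % PRIME for i in ids}
    if len(ids) < l or len(reduced) != len(ids) or 0 in reduced:
        raise ValueError("need >= l distinct, non-zero IDs (f(0) is the secret)")
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(l - 1)]
    shares = {}
    for x in ids:
        y = 0
        for a in reversed(coeffs):  # Horner evaluation of f(x) mod PRIME
            y = (y * x + a) % PRIME
        shares[x] = y
    return shares


def recover_secret(shares):
    """Lagrange interpolation at x = 0: S = sum_i S_i * prod_{j != i} x_j / (x_j - x_i)."""
    secret = 0
    for xi, yi in shares.items():
        num, den = 1, 1
        for xj in shares:
            if xj != xi:
                num = (num * xj) % PRIME
                den = (den * (xj - xi)) % PRIME
        secret = (secret + yi * num * pow(den, -1, PRIME)) % PRIME
    return secret


def demo():
    secret = 0x5EC2E7  # constructed sample value
    ids = [11, 22, 33, 44, 55]  # constructed factor IDs, n = 5
    shares = split_secret(secret, l=3, factor_ids=ids)
    # Every subset of l = 3 shares yields the same f(0) = S.
    full = all(recover_secret({i: shares[i] for i in c}) == secret
               for c in combinations(ids, 3))
    # l - 1 = 2 shares interpolate a different (degree-1) curve.
    partial = recover_secret({i: shares[i] for i in ids[:2]})
    return full, partial == secret
```

Note that the shares are outputs of f and look random, so the dealer chooses them; this is the property that clashes with fixed biometric values in the MFA setting discussed next.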

Unfortunately, this approach cannot be applied directly to the MFA scenario, since the biometric parameters are already in place, i.e., we can neither assign a new S_{i} to a user nor modify the existing ones. On the one hand, the user may set some of the personal factors, such as a password, PIN code, etc. On the other hand, some of them may be unchangeable (biometric parameters and behavior attributes). In this case, an inverse task is to be solved, in which the shares of the secret S_{I D_{i}} are known as factor values S_{i}. Basically, S_{i} are fixed and become unique \left\{S_{1}, S_{2}, \ldots, S_{l}\right\} when set for a user. Here, S is the secret for accessing the system and should be acquired with the user factor values. A possible solution based on the reversed Lagrange interpolation formula is proposed in the following subsection.