Multifactor Authentication
4. Enabling Flexible MFA Operation
4.2. Proposed Reversed Methodology
where is the secret value obtained from the sensor (factor), is the number of factors required to reconstruct the secret, and is a timestamp collected at time instant . It is important to note that providing the actual secrets to the verifier is not an option, especially in the case of sensitive biometric data, because a fingerprint is typically an unchangeable factor. Hence, letting even a trusted instance obtain the corresponding data is a questionable step to make. Conversely, compared to the method considered in Section 4.1, the modified algorithm implies that are obtained from the factors (only one polynomial describes the corresponding curve), as shown in Figure 5. In other words, the proposed methodology produces the system secret based on the collected factor values instead of assigning them in the first place. A system of equations connected to the Lagrange interpolation formula with the factors, their values, and the secret for the system access is
where are the corresponding generated coefficients, and . The system in Equation (3) has only one solution for and it is well known from the Lagrange interpolation formula.
Lemma 1. One and only one polynomial curve of degree could be described by 1 points on the plane
Hence, the system secret may be recovered based on / collected shares as given by the conventional Lagrange interpolation formula without the need to transfer the original factor secrets to the verifier. Hence, the sensitive person-related data is kept private, as
where The proposed modifications are required to assure the uniqueness of the acquired data, see Figure 6.
Figure 6. Reversed method based on the Lagrange polynomial.
Due to the properties of the Lagrange formulation, there can only be one curve described by the corresponding polynomial (Lemma 1); therefore, each set of will produce its unique . However, if the biometric data collected by MFA has not been changed over time, the secret will always remain the same, which is an obvious vulnerability of the considered system. On the other hand, a simple addition of the timestamp should always produce a unique curve, as it is shown in Figure 6 for , and .
The proposed solution provides robustness against the case where all remain unchanged over time. This is achieved by adding a unique factor of time which enables the presence of with the corresponding secret. It is necessary to mention that the considered threshold scheme based on the Lagrange interpolation formula utilizes the Rivest-Shamir-Adleman (RSA) mechanism or the ElGamal encryption/decryption algorithm for authentication during the final step. In this case, it is proven that we obtain a secure threshold scheme related to secrets in.
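The reversed derivation with the timestamp point can be sketched as follows. This is an added example, not code from the paper: the prime modulus, the SHA-256 mapping of factor readings to field elements, the x-coordinates 1..n, and taking the secret as the polynomial's value at x = 0 are all assumptions, and the sample readings are constructed.

```python
import hashlib

# Assumed field modulus (2**127 - 1 is prime); the page does not specify one.
P = 2**127 - 1

def to_field(raw: bytes) -> int:
    """Map a factor reading to a field element via SHA-256 (assumed encoding)."""
    return int.from_bytes(hashlib.sha256(raw).digest(), "big") % P

def interpolate_at_zero(points):
    """Lagrange interpolation over GF(P): value at x = 0 of the unique
    polynomial passing through the given (x, y) points."""
    xs = [x for x, _ in points]
    if len(set(xs)) != len(xs) or 0 in xs:
        raise ValueError("x-coordinates must be distinct and non-zero")
    secret = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (-xj) % P        # factor (0 - x_j)
                den = den * (xi - xj) % P    # factor (x_i - x_j)
        secret = (secret + yi * num * pow(den, -1, P)) % P
    return secret

def derive_secret(factor_readings, timestamp: int) -> int:
    """One point per factor plus one point for the timestamp; the system
    secret is produced from the factors as f(0), never assigned up front."""
    points = [(i, to_field(r)) for i, r in enumerate(factor_readings, start=1)]
    points.append((len(points) + 1, timestamp % P))
    return interpolate_at_zero(points)

# Constructed sample readings standing in for sensor output.
FACTORS = [b"fingerprint-template-A", b"pin:4821", b"device-token-7f3c"]

if __name__ == "__main__":
    s1 = derive_secret(FACTORS, 1_700_000_000)
    s2 = derive_secret(FACTORS, 1_700_000_060)
    print(hex(s1))
    print(hex(s2))
    print("secrets differ:", s1 != s2)
```

The timestamp's Lagrange basis coefficient at x = 0 is non-zero in a prime field, so two distinct timestamps with identical factor readings always give different secrets, which is the uniqueness property the section relies on.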