Multifactor Authentication

Authentication can be accomplished with one factor, two factors, or multiple factors. Which one is the weakest level of authentication and which is the most secure and why? When would a more secure system be required? Be able to explain these multifactor authentication methods: password protection, token presence, voice biometrics, facial recognition, ocular-based methodology, hand geometry, vein recognition, fingerprint scanner, thermal image recognition, and geographical location. What are some challenges of multiple factor authentication when using biometrics? There is a lot of interesting information covered in this article that you do not need to memorize, but that you should be aware of.

4.3. Proposed MFA Solution for V2X Applications

4.3.2. Cloud Assistance

Another important scenario for MFA is potential assistance of the trusted authority in

$F_i:S_i$ mismatch or loss. In case when the user fails to present a sufficient number of factors, the trusted authority can be requested to provide the temporary factor keys, as it is demonstrated in Figure 7.

Figure 7. Trusted authority assistance in authentication when user is missing two factors.

For example, assume that the user forgot or lost two factors $F_{2}$ and $F_{3}$ with the corresponding keys $S_{1}=f\left(F_{1}\right)$ and $S_{2}=f\left(F_{2}\right)$ . The trusted authority is willing to assist in authentication-two temporary keys $S_{\Phi_{1}}=f\left(\Phi_{1}\right)$ and $S_{\Phi_{2}}=f\left(\phi_{2}\right)$ are thus generated and sent to the user via a secure channel. Obtaining these keys and applying the Lagrange interpolation formula with RSA or EIGamal encryption/decryption-based threshold authentication procedure involves the following factors and keys

$\begin{array}{l} F_{1}: S_{1} \\ F_{2}: S_{2} \\ \cdots \\ F_{l}: S_{L} \\ F_{l+1}: T \\ \phi_{1}: S_{\Phi_{1}} \\ \phi_{2}: S_{\Phi_{2}} \end{array}$

This allows for gaining access to the device. The proposed solution is designed explicitly to complete the MFA step of the authentication, that is, its usage for SFA and 2FA is not recommended. This is mainly due to the features of the Lagrange interpolation formula. Basically. in the SFA case and without the $F_{l+1}: T$ factor, the equation at hand can be simply represented as $S_{1}=S+b_{1} F_{1}$ ,

i.e., it will become 'a point'. Even adding a random timestamp factor will not provide any valuable level of biometric data protection, since an eavesdropper could be able to immediately recover the factor secret.

The above is not suitable for the 2FA either, since providing two factors allows the curve to have linear behavior,

i.e., the eavesdropper is required two attempts to recover the secrets. However, adding a timestamp factor here allows for providing the necessary level of safety with three actual factors, as discussed below.