A Privacy-Preserving Multi-Factor Authenticated Key Exchange Protocol with Provable Security for Cloud Computing

• Published in: Journal of Information Science and Engineering Vol. 33; no. 4; pp. 907 - 921
• Main Authors: 魏福山(FU-SHAN WEI), 姜奇(QI JIANG), 张瑞杰(RUI-JIE ZHANG), 马传贵(CHUAN-GUI MA)
• Format: Journal Article
• Language: English
• Published: Taipei 社團法人中華民國計算語言學學會 01.07.2017; Institute of Information Science, Academia Sinica
• Subjects: Cloud computing; Cybersecurity; Extractors; Information technology; Privacy; biometrics; password; cloud computing; fuzzy extractors; multi-factor key exchange
• ISSN: 1016-2364
• DOI: 10.6688/JISE.2017.33.4.3

In the past decade, cloud computing has grown from being a promising business concept to one of the fast growing segments of the information technology's industry. More and more information of individuals and companies are stored in the cloud. However, security and privacy issues pose as the key roadblock to its fast adoption. In order to address these issues, we present an efficient MFAKE protocol based on fuzzy extractors in this paper. The novel protocol can be proven secure in the random oracle model and achieves truly multi-factor security. Compared with other related MFAKE protocols, our protocol not only enjoys stronger security, but also has greater efficiency both in terms of computation and communication. The proposed MFAKE protocol provides high-level security and protects user's privacy, so it is particular suitable for cloud computing environments.