Skip to main content
SpringerLink
Log in

Multi-factor authentication scheme based on custom attributes

  • Published:
Cluster Computing Aims and scope Submit manuscript

Abstract

Identity authentication is the key technology to confirm and authorize the legal identity of users, and it plays an important role in the field of information security. However, the current user authentication attributes are usually pre-specified by the server, which has the problem of lack of flexibility. Therefore, a multi-factor authentication scheme based on custom attributes is proposed in this paper. The user creates the authentication policy tree according to the personal identity attribute factor, and constructs the authentication policy set. In order to authenticate quickly, a multi-level cryptographic accumulator is designed. The Level-One cryptographic accumulator is used to accumulate the unique identity of the user, and the Level-Two cryptographic accumulator is used to accumulate the authentication policy set of the user. Based on the untamperable property of the blockchain and combined with the Schnorr digital signature protocol, register the accumulated value and evidence of the multi-level cryptographic accumulator to the blockchain. The user’s identity is authenticated by verifying the accumulated value and evidence on the blockchain. In order to verify the performance of the scheme, the throughput and average time delay of registration and authentication methods are tested and analyzed in detail. The results show that by integrating authentication policy tree, multi-level cryptographic accumulator and blockchain network, this scheme can not only achieve multi-factor authentication with custom attributes, but also maintain good performance. It has made a useful contribution to the field of multi-factor identity authentication based on custom attributes.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Algorithm 1
Algorithm 2
Algorithm 3
Algorithm 4
Algorithm 5
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10

Similar content being viewed by others

Data Availability

Data sharing not applicable to this article as no datasets were generated or analysed during the current study.

References

  1. Wang, Z., Fan, J., Cheng, L., An, H.Z., Zheng, H.B., Niu, J.X.: Supervised anonymous authentication scheme. J. Softw. 30, 1705–1720 (2019). https://doi.org/10.13328/j.cnki.jos.005746

    Article  Google Scholar 

  2. Ma, Z.Y.: Research on distributed authentication and access control based on blockchain (2020)

  3. He, Y.C.: Research on privacy protection mechanism of identity authentication and access control in data sharing (2020)

  4. Tang, F., Bao, J., Huang, Y., Wang, H.: Multi-authority attribute-based identification scheme. J. Commun. 42, 220–228 (2021). https://doi.org/10.11959/j.issn.1000-436x.2021047

    Article  Google Scholar 

  5. Fiat, A., Shamir, A.: How to prove yourself: practical solutions to identification and signature problems. Adv. Cryptol. Eurocrypt. 86 263, 186–194 (1986). https://doi.org/10.1007/3-540-47721-7_12

    Article  MathSciNet  Google Scholar 

  6. Schnorr, C.P.: Efficient signature generation by smart cards. J. Cryptogr. 4, 161–174 (1991). https://doi.org/10.1007/BF00196725

    Article  Google Scholar 

  7. Guillou, L.C., Quisquater, J.J.: A practical zero-knowledge protocol fitted to security microprocessor minimizing both transmission and memory. In: Paper Presented at Advances in Cryptology-EUROCRYPT’88: Workshop on the Theory and Applica-tion of Cryptographic Techniques, Davos, Switzerland, 25–27 May 1988 (1988)

  8. Shamir, A.: Identity-based cryptosystems and signature schemes. In: Paper Presented at Advances in Cryptology, Proceedings of CRYPTO 84, Santa Barbara, USA, 19–22 August 1984 (1985)

  9. Sahai, A., Waters, B.R.: Fuzzy Identity-Based Encryption. In; Paper Presented at Proceedings of the 24th Annual International Conference on Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, 22–26 May 2005 (2005)

  10. Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Paper Presented at Proceedings of the 13th ACM Conference on Computer and Communications Security, Alexandria, USA, October 30 – November 3 2006 (2006)

  11. Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: Paper Presented at IEEE Symposium on Security and Privacy, Oakland, USA, 20–23 May 2007 (2007)

  12. Maji, H.K., Prabhakaran, M., Rosulek, M.: Attribute-Based Signatures. In: Paper Presented at Cryptographers’ Track at the RSA Conference, San Francisco, USA, 14–18 February 2011 (2011)

  13. Tang, F., Zhang, R., Li, H.: Attribute-based non-interactive key exchange. Sci. China Inf. Sci. 60, 19101–1191013 (2017). https://doi.org/10.1007/s11432-015-0994-0

    Article  Google Scholar 

  14. Guo, L., Zhang, C., Sun, J., Fang, Y.: A privacy-preserving attribute-based authentication system for mobile health networks. IEEE Trans. Mobile Comput. 13, 1927–1941 (2014). https://doi.org/10.1109/TMC.2013.84

    Article  Google Scholar 

  15. Alpár, G., Batina, L., Batten, L., Moonsamy, V., Krasnova, A., Guellier, A., Natgunanathan, I.: New directions in IoT privacy using attribute-based authentication. In: Paper Presented at Proceedings of the ACM International Conference on Computing Frontiers, Como, Italy, 16–19 May 2016 (2016)

  16. Lone, T.A., Rashid, A., Gupta, S., Gupta, S.K., Singhal, A.: Securing communication by attribute-based authentication in hetnet used for medical applications. EURASIP J. Wirel. Commun. Netw. 2020, 146 (2020). https://doi.org/10.1186/s13638-020-01759-5

    Article  Google Scholar 

  17. Anada, H., Arita, S., Handa, S., Iwabuchi, Y.: Attribute-based identification: definitions and efficient constructions. IEICE Trans. Fundam. Electron. Commun. Comput. Sci. 97–A, 1086–1102 (2014). https://doi.org/10.1587/transfun.E97.A.1086

    Article  Google Scholar 

  18. Wei, L., Huang, Z.J., Chen, Q.S.: Decentralized attribute-based undeniable signature. Comput. Eng. Sci. 42, 1003–1011 (2020)

    Google Scholar 

  19. Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system. Consulted 4, 1–9 (2008)

    Google Scholar 

  20. Wagner, M., Mcmillin, B.: An efficient blockchain authentication scheme for vehicular Ad-Hoc networks. In: Paper Presented at Critical Infrastructure Protection 2020, Arlington, USA, 16–17 March 2020 (2020)

  21. Xu, J., Xue, K., Tian, H., Hong, J., Hong, P.: An identity management and authentication scheme based on redactable blockchain for mobile networks. IEEE Trans. Veh. Technol. 69, 6688–6698 (2020). https://doi.org/10.1109/TVT.2020.2986041

    Article  Google Scholar 

  22. Esposito, C., Ficco, M., Gupta, B.B.: Blockchain-based authentication and authorization for smart city applications. Inf. Process. Manag. 58, 102468 (2021). https://doi.org/10.1016/j.ipm.2020.102468

    Article  Google Scholar 

  23. Xiang, X., Wang, M., Fan, W.: A permissioned blockchain-based identity management and user authentication scheme for e-health system. IEEE Access 8, 171771–171783 (2020). https://doi.org/10.1109/ACCESS.2020.3022429

    Article  Google Scholar 

  24. Wei, Z., Zhou, L.: Design and implementation of identity authentication system based on blockchain. Softw. Eng. 23, 37–40 (2020). https://doi.org/10.19644/j.cnki.issn2096-1472.2020.11.011

    Article  Google Scholar 

  25. Miao, W.H., Wang, J.X., Zheng, Z.H.: Identity authentication scheme based on blockchain and multi factor combination. Comput. Simul. 39, 402–408 (2020)

    Google Scholar 

  26. Yu, G., Xia, K., Xin, M., Wang, S.: Multi factor remote identity authentication method based on cloud platform internet of things. Comput. Appl. Softw. 39, 310–316 (2022). https://doi.org/10.3969/j.issn.1000-386x.2022.11.047

    Article  Google Scholar 

  27. Chen, J.M., Huang, C.Y.: Analysis of multi factor identity authentication based on voiceprint recognition technology. Comput. Inf. Technol. 30, 19–21 (2022). https://doi.org/10.19414/j.cnki.1005-1228.2022.05.009

    Article  Google Scholar 

  28. Benaloh, J., Mare, M.D.: One-way accumulators: a decentralized alternative to digital signatures. In: Paper Presented at Workshop on the Theory and Application of Cryptographic Techniques on Advances in Cryptology, Berlin, Heidelberg, 1994 (1994)

  29. Kumar, A., Lafourcade, P., Lauradoux, C.: Performances of cryptographic accumulators. In: Paper Presented at 39th Annual IEEE Conference on Local Computer Networks, Edmonton, Canada, 8–11 September 2019 (2014)

  30. Zhao, Y., Tan, H., Zhang, Z., Cheng, H., Zhou, T., Zhao, H., Lyu, B.: Self-sovereign identity authentication scheme based on blockchain and cryptographic accumulator. Appl. Res. Comput. 39, 1633–1637 (2022). https://doi.org/10.19734/j.issn.1001-3695.2021.11.0591

    Article  Google Scholar 

  31. Ozcelik, I., Medury, S., Broaddus, J., Skjellum, A.: An overview of cryptographic accumulators. In: Paper Presented at Proceedings of the 7th International Conference on Information Systems Security and Privacy, 11–13 February 2021 (2021)

  32. Zhong, X.R., Ma, C.G.: Dynamic accumulators-based authenticated group key management scheme for heterogeneous wireless sensor network. J. Commun. 35, 124–134 (2014). https://doi.org/10.3969/j.issn.1000-436x.2014.03.014

    Article  Google Scholar 

  33. Camenisch, J., Lysyanskaya, A.: dynamic accumulators and application to efficient revocation of anonymous credentials. In: Paper Presented at 22nd Annual International Cryptology Conference, Santa Barbara, California, USA, August 18–22, 2002 (2002)

  34. Fuchsbauer, G., Kiltz, E., Loss, J.: The algebraic group model and its applications. In: Paper Presented at 2018 - 38th Annual International Cryptology Conference, Santa Barbara, CA, USA, 19–23 August 2018 (2018)

  35. Fuchsbauer, G., Plouviez, A., Seurin, Y.: Blind schnorr signatures and signed ElGamal encryption in the algebraic group model. In: Paper Presented at 39th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Zagreb, Croatia, 10–14 May 2020 (2020)

  36. Sahoo, S.S., Mohanty, S., Majhi, B.: A secure three factor based authentication scheme for health care systems using iot enabled devices. J. Ambient Intell. Humaniz. Comput. 12, 1419–1434 (2021). https://doi.org/10.1007/s12652-020-02213-6

    Article  Google Scholar 

  37. Wang, W.Z., Huang, H.K., Zhang, L.J., Su, C.H.: Secure and efficient mutual authentication protocol for smart grid under blockchain. Peer Peer Netw. Appl. 14, 2681–2693 (2021). https://doi.org/10.1007/s12083-020-01020-2

    Article  Google Scholar 

Download references

Funding

This work is funded by Jilin development and reform commission construction fund (2020C020-2), the Education Department of Jilin Province with Grants No. JJKH20200577KJ, the project plan of science and technology development center of the Ministry of Education (No. 2020ITA07031) and the Jilin Science and Technology Development Plan Project (Project No. 20210201083GX).

Author information

Author notes

  1. H. Zhou, N. Li, L. Song, J. Zheng these authors contributed equally to this work.

Authors and Affiliations

  1. School of Cyberspace Science and Technology, Beijing Institute of Technology, Beijing, 100081, Beijing, China

    Dexin Zhu & Jun Zheng

  2. College of Computer Science and Technology, Changchun University, Changchun, 130022, Jilin, China

    Dexin Zhu, Hu Zhou & Nianfeng Li

  3. Jilin Engineering Laboratory for Quantum Information Technology, Changchun Institute Of Technology, Changchun, 130022, Jilin, China

    Lijun Song

Authors
  1. Dexin Zhu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Hu Zhou
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Nianfeng Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Lijun Song
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Jun Zheng
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to Lijun Song or Jun Zheng.

Ethics declarations

Conflict of interest

The authors declare that they have no competing interests.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Zhu, D., Zhou, H., Li, N. et al. Multi-factor authentication scheme based on custom attributes. Cluster Comput (2024). https://doi.org/10.1007/s10586-024-04371-0

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s10586-024-04371-0

Keywords

Search

Navigation