Collaborative Authentication using Threshold Cryptography

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

We propose a collaborative authentication protocol where multiple user devices (e.g., a smartphone, a smartwatch and a wristband) collaborate to authenticate the user to a third party service provider. Our protocol uses a threshold signature scheme as the main building block. The use of threshold signatures minimises the security threats in that the user devices only store shares of the signing key (i.e., the private key) and the private key is never reconstructed. For user devices that do not have secure storage capability (e.g., some wearables), we propose to use fuzzy extractors to generate their secret shares using behaviometric information when needed, so that there is no need for them to store any secret material. We discuss how to reshare the private key without reconstructing it in case a new device is added and how to repair shares that are lost due to device loss or damage. Our implementation results demonstrate the feasibility of the protocol.

Bibliographical metadata

Original languageEnglish
Title of host publicationThe 2nd International Workshop on Emerging Technologies for Authorization and Authentication (ETAA 2019)
Publication statusAccepted/In press - 31 Jul 2019
EventThe 2nd International Workshop on Emerging Technologies for Authorization and Authentication - , Luxembourg
Event duration: 23 Sep 201927 Sep 2019

Conference

ConferenceThe 2nd International Workshop on Emerging Technologies for Authorization and Authentication
Abbreviated titleETAA 2019
CountryLuxembourg
Period23/09/1927/09/19

Related information

Researchers

View all