Two-Factor Authentication Resilient to Server Compromise Using Mix-Bandwidth Devices

Author(s): Maliheh Shirvanian, Stanislaw Jarecki, Nitesh Saxena, Naveen Nathan

Download: Paper (PDF)

Date: 22 Feb 2014

Document Type: Briefing Papers

Additional Documents: Slides

Associated Event: NDSS Symposium 2014

Abstract:

We present novel Two-Factor Authentication (TFA) protocols with improved resistance against online and offline attacks. We show that our TFA protocols can utilize various device-terminal channels, involving PIN entry, QR codes, or wireless communication, and we demonstrate the security, usability and deployability advantages of the resulting TFA schemes over known TFA schemes.