摘要
针对传统双因素认证缺乏可用性的问题,本文提出了一种基于情景感知的低交互移动双因素认证系统.用户通过本系统登录网站时,除输入用户名和口令外,只需点击令牌程序的认证键即可完成认证,平均登录时间不超过5秒.同其它可用性加强的移动双因素认证系统相比,本系统能够抵抗同一环境下的攻击者,而且支持用户手机浏览器进行网站登录.最终安全分析和实验结果证实了本方法的有效性.
Aiming at the problem of usability for traditional two factor authentication (2FA),we propose a low interaction mobile 2FA system in this paper.In our system users only need to enter the usernames and passwords in the browser and press the confirm button on the mobile app for authentication.The average login time for users is no more than 5 seconds.Compared with the current usability enhanced 2FA systems,our system can resist attackers in the same environment and support users to login website with phone browsers.The experimental and analytical results shows the effectiveness of our system.
作者
刘冬
陈晶
杜瑞颖
何琨
LIU Dong;CHEN Jing;DU Rui-ying;HE Kun(State Key Laboratory of Software Engineering,School of Computer,Wuhan University,Wuhan,Hubei 430072,China;Science and Technology on Communication Security Laboratory,Chengdu,Sichuan 610041,China;Collaborative Innovation Center of Geospatial Technology,Wuhan,Hubei 430072,China;North Automatic Control Technique Research Institute,Taiyuan,Shanxi 030006,China)
出处
《电子学报》
EI
CAS
CSCD
北大核心
2018年第5期1056-1061,共6页
Acta Electronica Sinica
基金
国家自然科学基金(No.61572380
No.61772383)
国家973重点基础研究发展规划(No.2014CB340600)
关键词
移动双因素认证
WiFi指纹
设备指纹
mobile two-factor authentication (2FA)
WiFi fingerprint
device fingerprint