Securing Web Access: PUF-Driven Two-Factor Authentication for Enhanced Protection

Securing Web Access: PUF-Driven Two-Factor Authentication for Enhanced Protection

연구 분야: Analysis

학회: International Conference on Computer Safety, Reliability, and Security

In traditional single-factor authentication, users typically authenticate using only their usernames and passwords. While this method is simple to implement, it’s prone to various security threats such as dictionary attacks, snooping, and brute force attacks. Two-factor authentication (2FA) addresses these vulnerabilities by requiring users to provide two forms of identification: something they know (like a password) and something they have (like a cell phone or hardware token). This dual-layered approach significantly strengthens security.Unlike existing 2FA schemes which either rely on hardware tokens such as RSA SecureID or soft tokens like Google Authenticator, both utilizing One-time Passwords (OTPs) that users must manually input in addition to their passwords as the second factor of authentication, Our paper introduces a new, lightweight two-factor authentication scheme specifically designed for web applications by incorporating Physically Unclonable Functions (PUFs) as the secondary authentication factor that adds an extra layer of security by utilizing unique physical characteristics of the PUF to verify user identity and streamlining the authentication process offering users the same level of satisfaction as single-factor authentication without the inconvenience of additional steps.