Research On Multi-factor Assisted Authentication Enhancement Mechanism

Authentication is an important checkpoint for guaranteeing users' online accounts In a modern society with continuous digitalization,authentication is particularly im-portant.However,the traditional authentication schemes have many inconveniences or hidden dangers.There are some problems in the authentication scheme based on user's known information such as shoulder-surfing attack and dictionary attack.The authen-tication scheme based on the hardware held by the user requires additional hardware equipment,which has low portability and poor user experience.There are some prob-lems in the authentication based on user's biometric such as high hardware cost and privacy issue.At present,designing an enhanced authentication scheme that combines ease of use,availability,and security has important theoretical significance and wide application valueThis paper researches on specific and widely-used enhanced authentication schemes around the ease of use,availability and security of the scheme.Our research efforts can be summarized as follows:1.This paper proposes a zero-effect two-factor authentication scheme based on au-dio signals,which adds a second authentication factor,audio signal,on the basis of pass-word.This scheme looks for signs of physical proximity between the browser/computer and the smart phone by having the two devices compare both their surrounding sounds and some unpredictable near-ultrasounds;if significant distinguishability is found,this scheme rejects the user's login request.When recording the ambient sound,this scheme additionally utilizes near-ultrasound(usually from 18 kHz to 20 kHz)at the edge of the audible area of the human ear to actively disturb and identify the surrounding environ-ment.In this scheme,the audio signals recorded by the two user devices are analyzed according to the time-domain similarity and the frequency-domain similarity,and the comparison problem of the audio signals is regarded as a classification problem.The popular machine learning technology is used for classification.In the case where the false rejection rate is near to the existing scheme,the false acceptance rate is lower than the existing scheme.In addition,this paper also studies the effect of audio duration and device distance on the scheme.The experimental results show that under normal cir-cumstances,as the audio duration increases,the false acceptance rate and false rejection rate decrease;in the case of "simulation attack" by the adversary,as the audio duration increases,the proportion of audio that the adversary can simulate becomes larger and larger,and the false acceptance rate is also getting higher and higher.2.This paper proposes a zero-effect multi-factor authentication scheme based on Wi-Fi signals,which adds other authentication factors on the basis of password:Wi-Fi information and random number.This scheme looks for signs of physical proximity between the browser/computer and the smart phone by having the two devices compare both their surrounding Wi-Fi information and received random numbers;if significant distinguishability is found,this scheme rejects the user's login request.In this scheme,the Wi-Fi information used includes the Wi-Fi list and signal strength received by the device.Authentication is based on the characteristic that two devices in the same loca-tion have similar Wi-Fi information.The smart phone sends the random number,which is transmitted by the server,through the Wi-Fi channel in the form of multicast,and re-gards it as a challenge to the computer.For a computer at the same Wi-Fi access point as the smartphone,its browser will capture the random number in the multicast message with the help of the extension and send it to the server for verification.Experimental results show that the scheme has a low false rejection rate and a low false acceptance rate,and Wi-Fi information at the same location does not change much at different time Furthermore,this paper also evaluates the effect of device distance on the scheme.The evaluation results show that as the device distance increases,the similarity of Wi-Fi information of the two devices decreases at the same time.