Developing of multi-factor authentication method based on Niederreiter-McEliece modified crypto-code system

Abstract

Two-factor authentication methods to date, are considered by experts as authenticators resistance amplification mechanisms, while ensuring the authenticity services in various fields of high technology, financial and insurance sectors of the market, large banking institutions and public sector enterprises. Thus, authenticators based on OTP passwords and various types of tokens are typically used in the ABS. The suggested synergistic threat assessment approach revealed that attackers use a comprehensive approach to the implementation of threats, based on a combination of social engineering techniques with traditional methods, of disguise and infiltration. New types of cyber-attacks are also used to effectively embed malware on mobile communication devices, which in turn leads to a decrease in the profitability of the two-factor authentication methods based on SMS messages and OTP passwords in ABS. The proposed safety mechanisms based on modified crypto code Niederreiter and Mc-Eliece systems allow to ensure reliability (based on the use of elliptical error-correcting codes) and safety (proposed cryptosystem are secret models of provable resistance) of data transmitted. Their usage in the multi-factor authentication protocol ensures the security of the physical separation of transmission of the parts of authenticator of banking transactions through mobile lines (using the Niederreiter MCCS) and ABS (using the McEliece MCCS). The proposed mathematical model and algorithms of practical implementation of the Niederreiter MCCS allow, based on the error vector symbol shortening, to reduce the energy capacity of the group operations, reduce the power of the Galois field to GF 2⁶–2⁷, providing the required cryptographic resistance.

В роботі проводиться аналіз переваг і недоліків методів багатофакторної автентифікації, які використовуються в банківському секторі, розглядаються основні ризики їх використання, пропонується вдосконалений метод багатофакторної SMS-автентифікації на основі модифікованих (укорочених) крипто-кодових систем Нідеррайтера-Мак-Еліса. Розглядаються математичні моделі та основні протоколи шифрування/розшифрування в запропонованих модифікованих крипто-кодових системах.