SoK: A Comprehensive Evaluation of 2FA-based Schemes in the Face of Active Concurrent Attacks from User Terminal
Abstract
Malware-infected terminals pose a pervasive threat to authentication systems. Because password-only authentication cannot adequately protect against malware on terminals, the literature proposes several authentication methods that claim to provide security in the presence of significant security threats, including infected terminals. Most methods incorporate a password-independent factor in the authentication process to mitigate these threats. According to the community view in the literature, 2FA-oriented methods appear to be secure in the presence of malware on the authentication terminal. In this work, we systematize the threat models and authentication procedures of these 2FA-based academic schemes to examine how they ensure security at every step of the authentication process. Additionally, we present an active concurrent attack framework named CSI (Concurrent Session Injection) and comprehensively analyze the studied academic authentication systems against it. Furthermore, we systematize secure authentication systems from the literature that claim to provide protection against user terminal malware and concurrent attacks, and point out their potential vulnerabilities. Our research emphasizes the significance of taking proper security measures against such threats and creates the opportunity to design more secure authentication systems in future research.