A Novel and Robust Authentication Factor Based on Network Communications Latency

Zuochao Dou, Issa Khalil, Abdallah Khreishah

Research output: Contribution to journalArticlepeer-review

5 Scopus citations

Abstract

We propose a new authentication factor based on network round trip time (NRTT). We show how NRTT can be used to uniquely and securely identify login locations and hence can support location-based web authentication mechanisms. The first research challenge is how to securely measure and verify NRTT to hamper potential forgery attempts. We address the first challenge by introducing a novel forwarding device in the path between the server and the client, dubbed delay mask (DM), which prevents any entity, but the server, from being able to measure the NRTT for any client. The second research challenge is how to reliably measure NRTT in the face of variable Internet latencies and connectivity conditions. The second challenge is addressed by: first, computing the average of a number of NRTT measurements after outlier removal; and second, applying multiple profiles per user through the deployment of multiple DMs in diverse geographical locations. We design a two-factor authentication scheme (dubbed AMAN) that uses legacy passwords as a first factor and NRTT as a second authentication factor. We conduct extensive experiments to evaluate security-usability-deployability properties of AMAN and compare it with the state-of-the-art authentication mechanisms. The results show that AMAN achieves the best combination of these properties.

Original languageEnglish (US)
Article number4267003
Pages (from-to)3279-3290
Number of pages12
JournalIEEE Systems Journal
Volume12
Issue number4
DOIs
StatePublished - Dec 2018

All Science Journal Classification (ASJC) codes

  • Control and Systems Engineering
  • Information Systems
  • Computer Science Applications
  • Computer Networks and Communications
  • Electrical and Electronic Engineering

Keywords

  • Authentication
  • Gaussian distribution
  • network communications latency
  • password compromise
  • web service

Fingerprint

Dive into the research topics of 'A Novel and Robust Authentication Factor Based on Network Communications Latency'. Together they form a unique fingerprint.

Cite this